diff options
| author | Tim Meusel <tim@bastelfreak.de> | 2019-07-03 20:42:10 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-07-03 20:42:10 +0200 |
| commit | 92bfbfed2e47ef3ff857623c5c5accda42dbf195 (patch) | |
| tree | b0825b3475046cc96bba090e9b232c942ea09023 /files | |
| parent | 537a0b31a53b1a6eb0dac2fb9487a192159f0b74 (diff) | |
| parent | 821a95b24dace808e546e685371b25988afd2396 (diff) | |
| download | puppet-ferm-92bfbfed2e47ef3ff857623c5c5accda42dbf195.tar.gz puppet-ferm-92bfbfed2e47ef3ff857623c5c5accda42dbf195.tar.bz2 | |
Merge pull request #47 from bastelfreak/header
add `managed by puppet` header to template
Diffstat (limited to 'files')
| -rw-r--r-- | files/ferm.conf | 38 |
1 files changed, 0 insertions, 38 deletions
diff --git a/files/ferm.conf b/files/ferm.conf deleted file mode 100644 index 27eea58..0000000 --- a/files/ferm.conf +++ /dev/null @@ -1,38 +0,0 @@ -# -*- shell-script -*- -# -# Ferm example script -# -# Firewall configuration for a workstation which accepts remote ssh login. -# -# Author: Max Kellermann <max@duempel.org> -# - -table filter { - chain INPUT { - policy DROP; - - # connection tracking - mod state state INVALID DROP; - mod state state (ESTABLISHED RELATED) ACCEPT; - - # allow local connections - interface lo ACCEPT; - - # respond to ping - proto icmp icmp-type echo-request ACCEPT; - - # allow SSH connections - proto tcp dport ssh ACCEPT; - - # ident connections are also allowed - proto tcp dport auth ACCEPT; - - # the rest is dropped by the above policy - } - - # outgoing connections are not limited - chain OUTPUT policy ACCEPT; - - # this is not a router - chain FORWARD policy DROP; -} |