Seems to work
This commit is contained in:
Maurice
@@ -1,21 +1,6 @@
|
||||
#!/bin/sh
|
||||
echo "Setting up firewall..."
|
||||
|
||||
apk add -u awall # important -u flag!
|
||||
apk add ip6tables iptables
|
||||
modprobe -v ip_tables
|
||||
modprobe -v ip6_tables
|
||||
#modprobe -v iptable_nat #if NAT is used
|
||||
|
||||
# Register services
|
||||
rc-update add iptables
|
||||
rc-update add ip6tables
|
||||
rc-service iptables start
|
||||
rc-service ip6tables start
|
||||
|
||||
# In the global policy, LAN rules are omitted, as we are behind a NAT router.
|
||||
# If not, add this to global.policy.json:
|
||||
# "LAN": { "iface": "eth1" },
|
||||
# ...
|
||||
# { "in": "LAN", "action": "accept" },
|
||||
# { "out": "LAN", "action": "accept" },
|
||||
apk add nftables
|
||||
rc-update add nftables boot
|
||||
rc-service nftables start
|
||||
Reference in New Issue
Block a user