Differences

This shows you the differences between two versions of the page.

--- сервис_firewall [2025/10/20 07:20]
val [nftables]
+++ сервис_firewall [2026/04/04 06:34] (current)
val
@@ Line 210: / Line 210: @@
 }
 </code><code>
+root@openvpn2:~# nft -c -f /etc/nftables.conf
 root@openvpn2:~# systemctl reload nftables.service
@@ Line 417: / Line 419: @@
 root@gate:~# netfilter-persistent save
 </code>
+==== Debian/Ubuntu (nftables) ====
+<code>
+# cat /etc/nftables.conf
+</code><code>
+...
+table inet filter {
+        chain input {
+                type filter hook input priority filter;
+        }
+        chain forward {
+                type filter hook forward priority filter;
+                iifname "eth0" oifname "eth1" counter packets 0 bytes 0 accept
+                iifname "eth1" oifname "eth0" counter packets 0 bytes 0 accept
+                iifname "eth2" counter packets 0 bytes 0 accept
+                iifname "tun*" counter packets 0 bytes 0 accept
+                ct state established,related counter packets 0 bytes 0 accept
+                counter packets 0 bytes 0 drop
+        }
+        chain output {
+                type filter hook output priority filter;
+                ct state established,related counter packets 0 bytes 0 accept
+                oifname "eth2" counter packets 0 bytes 0 drop
+        }
+}
+</code>
 ==== FreeBSD (pf) ====
 <code>
@@ Line 499: / Line 525: @@
         }
 ...
+</code><code>
+gate# nft list set inet filter denylist
+gate# nft flush set inet filter denylist
 </code>
 ==== FreeBSD (pf) ====

Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Differences

Page Tools