diff options
Diffstat (limited to 'contrib/ipfilter/rules/example.9')
| -rw-r--r-- | contrib/ipfilter/rules/example.9 | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/contrib/ipfilter/rules/example.9 b/contrib/ipfilter/rules/example.9 new file mode 100644 index 0000000..77968f8 --- /dev/null +++ b/contrib/ipfilter/rules/example.9 @@ -0,0 +1,12 @@ +# +# drop all packets without IP security options +# +block in all +pass in all with opt sec +# +# only allow packets in and out on le0 which are top secret +# +block out on le1 all +pass out on le1 all with opt sec-class topsecret +block in on le1 all +pass in on le1 all with opt sec-class topsecret |
