From b09ea48f16f7fb3770ae915267f4655b5586eb5a Mon Sep 17 00:00:00 2001
From: "charlie.alves"
Date: Mon, 14 Apr 2025 11:18:37 +0200
Subject: [PATCH] tp-06
---
sisr1/tp06-firewall/current_ruleset.nft | 26 +++++++++++++++++++++++++
1 file changed, 26 insertions(+)
create mode 100644 sisr1/tp06-firewall/current_ruleset.nft
diff --git a/sisr1/tp06-firewall/current_ruleset.nft b/sisr1/tp06-firewall/current_ruleset.nft
new file mode 100644
index 0000000..59e903b
--- /dev/null
+++ b/sisr1/tp06-firewall/current_ruleset.nft
@@ -0,0 +1,26 @@
+define netif = enp0s3
+define lanif = enp0s8
+define dmzif = enp0s9
+
+
+table ip ipfilter{
+ chain prerouting {
+ type filter hook prerouting priority filter; policy drop;
+ tcp dport 22 accept
+ }
+ chain system_in {
+ type filter hook input priority filter; policy drop;
+ tcp dport 22 accept
+ }
+ chain routing {
+ type filter hook forward priority filter; policy drop;
+ }
+ chain system_out {
+ type filter hook output priority filter; policy drop;
+ tcp sport 22 accept
+ }
+ chain postrouting {
+ type filter hook postrouting priority filter; policy drop;
+ tcp sport 22 accept
+ }
+}
\ No newline at end of file
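Review bot: The interface variables `netif`, `lanif` and `dmzif` are defined but never referenced, so `tcp dport 22 accept` in `prerouting` and `system_in` admits SSH on every interface, presumably including the external one; if administration is only meant to come from the LAN, scope both rules as `iifname $lanif tcp dport 22 accept`. The reply direction in `system_out` and `postrouting` matches statelessly on `tcp sport 22`, which is not tied to a connection that was actually accepted inbound; `ct state established,related accept` states the intent more tightly. The table is declared `table ip`, so none of these chains filter IPv6 traffic, whereas `table inet ipfilter` would cover both families. With `policy drop` on all five hooks and no loopback rule, local traffic on `lo` is also dropped, which is worth either allowing explicitly or documenting as intended.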