From 98890660f8470097cb0735ed2e7c3b43276021eb Mon Sep 17 00:00:00 2001
From: gadmin <philippe.sevre@gmail.com>
Date: Wed, 31 Mar 2021 11:51:22 +0200
Subject: [PATCH] =?UTF-8?q?Mise=20=C3=A0=20jour=20de=20'roles/firewall-vpn?=
 =?UTF-8?q?-r/files/ferm.conf'?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 roles/firewall-vpn-r/files/ferm.conf | 14 ++------------
 1 file changed, 2 insertions(+), 12 deletions(-)

diff --git a/roles/firewall-vpn-r/files/ferm.conf b/roles/firewall-vpn-r/files/ferm.conf
index 7e274cc..899911f 100644
--- a/roles/firewall-vpn-r/files/ferm.conf
+++ b/roles/firewall-vpn-r/files/ferm.conf
@@ -9,7 +9,7 @@
 
 @def $NET_ADM=192.168.99.112/24;
 @def $NET_VPN=192.168.0.51/24;
-@def $NET_EXT=192.168.1.2/30;
+@def $NET_EXT=192.168.1.2/24;
 
 table filter {
     chain INPUT {
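Review bot: `$NET_EXT` is widened from a two-host /30 to a full /24, so any rule that matches on it now applies to every address in 192.168.1.0/24. Its uses lie outside this hunk, so each rule that references it should be checked against the new scope. The value also keeps host bits set (`192.168.1.2/24`); writing `@def $NET_EXT=192.168.1.0/24;` with a short comment such as `# external segment` would make the intended range explicit.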
@@ -23,9 +23,8 @@ table filter {
         interface lo ACCEPT;
 
         # allow SSH connections
-        #interface ($DEV_VPN) {
 	proto tcp dport ssh ACCEPT;
-	#}
+	
 
         # allow DNS connections
 	proto udp sport domain ACCEPT;
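Review bot: The SSH rule `proto tcp dport ssh ACCEPT;` accepts connections on every interface and from any source. With the commented-out `interface ($DEV_VPN)` wrapper deleted, the file no longer records that a restriction was ever intended. On a host with an external leg it would be tighter to limit SSH to the admin network already defined at the top of the file, for example `saddr $NET_ADM proto tcp dport ssh ACCEPT;`. The line the hunk adds in place of `#}` contains only a tab and can be dropped. The INPUT chain starts before this hunk and continues past it.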
@@ -50,22 +49,13 @@ table filter {
 #	proto (udp tcp) dport domain ACCEPT;
 	#}
 
-	# autoriser supervision
-	proto udp sport 161 ACCEPT;
 
 	# autoriser NTP
 	proto udp sport 123 ACCEPT;
 
-        # respond to ping
-        proto icmp mod limit limit 30/minut ACCEPT; 
-
     }
     chain OUTPUT {
         policy ACCEPT;
-
-        # connection tracking
-        # mod state state INVALID DROP;
-        # mod state state (ESTABLISHED RELATED) ACCEPT;
     }
     chain FORWARD {
         policy ACCEPT;
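Review bot: The remaining `proto udp sport 123 ACCEPT;` (like the `sport domain` rule earlier in INPUT) matches on source port only, so it accepts any UDP datagram carrying that source port, whatever local port it is addressed to. Replies to the host's own NTP and DNS queries are better admitted by connection tracking, e.g. `mod state state (ESTABLISHED RELATED) ACCEPT;` near the top of INPUT, after which the sport rules can be removed; whether such a rule already exists is not visible in this hunk. The hunk also drops the rate-limited ICMP accept, so if the INPUT policy is DROP (not shown) the host will stop answering echo requests, which deserves a line in the commit message. The FORWARD chain continues past the end of the hunk.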