roles/fw-ferm/files/ferm.conf.r-vp1

@@ -35,22 +35,23 @@ table filter {
             proto (udp tcp) dport domain ACCEPT;
             proto udp dport bootps ACCEPT;
         }
+
         # interface réseau
+        interface $DEV_WORLD {
+
+        }
 
         # the rest is dropped by the above policy
     }#FIN INPUT
 
     # outgoing connections are not limited
-    chain OUTPUT {
-        policy ACCEPT;
-#	interface $DEV_VPN proto ssh dport 22 ACCEPT;
-
+    chain OUTPUT {policy ACCEPT;
     }#FIN OUTPUT
 
     chain FORWARD {
         policy ACCEPT;
-
         proto icmp icmp-type echo-request ACCEPT;
+        }
         # connection tracking
         mod state state INVALID DROP;
         mod state state (ESTABLISHED RELATED) ACCEPT;