From 851543db0ac491e53a7eeeba7ee521265b4d635d Mon Sep 17 00:00:00 2001 From: root Date: Fri, 3 Feb 2023 09:21:56 +0100 Subject: [PATCH] ajout ferm vpn --- roles/fw-ferm/files/ferm2.conf | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/roles/fw-ferm/files/ferm2.conf b/roles/fw-ferm/files/ferm2.conf index 5d5d94f..bf0cde2 100644 --- a/roles/fw-ferm/files/ferm2.conf +++ b/roles/fw-ferm/files/ferm2.conf @@ -1,5 +1,3 @@ -# -*- shell-script -*- - @def $DEV_VPN= wg0; table filter { @@ -12,23 +10,22 @@ table filter { # allow local connections interface lo ACCEPT; - interface $DEV_VPN{ + # respond to ping proto icmp icmp-type echo-request ACCEPT; # disallow ssh - saddr proto tcp dport ssh DROP; - } + proto tcp dport ssh ACCEPT; + }#FIN INPUT # outgoing connections are not limited chain OUTPUT { policy ACCEPT; - interface $DEV_VPN{ # allow ssh - daddr proto tcp dport ssh ACCEPT; + proto tcp dport ssh DROP; # respond to ping proto icmp icmp-type echo-request ACCEPT; - } + }#FIN OUTPUT chain FORWARD {
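Review bot: In the INPUT chain the new `proto tcp dport ssh ACCEPT;` is no longer wrapped in `interface $DEV_VPN { … }`, so SSH is accepted on every interface instead of only on wg0, and the `# disallow ssh` comment above it now states the opposite of the rule. The OUTPUT chain has the same mismatch: `# allow ssh` sits directly above `proto tcp dport ssh DROP;`, which blocks outbound SSH on all interfaces under an otherwise `policy ACCEPT` chain. If the intent is SSH reachable only through the VPN, scope the rule as `interface $DEV_VPN proto tcp dport ssh ACCEPT;` and reword the comments to match what each rule does. With the interface blocks removed, `$DEV_VPN` appears unused in the visible lines. The INPUT chain's policy and the FORWARD chain lie outside the hunk, so the effective exposure should be confirmed against the full file.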