From 813a727ab0fec07264cf928afad1cadd80de1c24 Mon Sep 17 00:00:00 2001
From: Guillaume Emorine <guillaume.emorine@debian>
Date: Tue, 2 Apr 2024 17:10:35 +0200
Subject: [PATCH] =?UTF-8?q?=09Modifi=C3=A9=C2=A0:=20=20=20=20=20=20=20=20?=
 =?UTF-8?q?=20sisr1/tp07/files=5Ffirewall/current=5Fruleset=5Fv1.nft?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 sisr1/tp07/files_firewall/current_ruleset_v1.nft | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/sisr1/tp07/files_firewall/current_ruleset_v1.nft b/sisr1/tp07/files_firewall/current_ruleset_v1.nft
index 5e456c3..3e35f9b 100644
--- a/sisr1/tp07/files_firewall/current_ruleset_v1.nft
+++ b/sisr1/tp07/files_firewall/current_ruleset_v1.nft
@@ -1,13 +1,17 @@
+define netif = enp0s3
+define dmzif = enp0s8
+define lanif = enp0s9
+
 table ip ipfilter {
 	chain routing {
 		type filter hook forward priority filter; policy accept;
-		icmp type echo-request iif { "enp0s3", "enp0s8" } drop
+		icmp type echo-request iif { $netif, $dmzif } drop
 		icmp type { echo-reply, echo-request } accept
 		drop
 	}
 
 	chain system_in {
 		type filter hook input priority filter; policy accept;
-		icmp type echo-request iif { "enp0s3", "enp0s8" } drop
+		icmp type echo-request iif { $netif, $dmzif } drop
 	}
 }