matchstick
home
docs
playground
github
theme
nftables text
nftables json
sysctl
loading wasm...
firewall.lua
local ssh = fw:service("ssh", "tcp", 22) local http = fw:service("http", "tcp", 80) local ping = fw:service("ping", "icmp", "echo-request") local self = fw:zone("fw") local wan = fw:zone("wan", "eth0") local lan = fw:zone("lan", "eth1") fw:policy(wan, self, "drop", { log = true }) fw:policy(self, wan, "accept") fw:policy(lan, self, "accept") fw:policy(lan, wan, "accept") fw:rule(wan, self, "accept", ssh) fw:rule(wan, self, "accept", http) fw:rule(wan, self, "accept", ping)
output