| 123456789101112131415161718192021222324252627282930 |
- local client_bridge = require 'gluon.client_bridge'
- local site = require 'gluon.site'
- local next_node = site.next_node({})
- local macaddr = client_bridge.next_node_macaddr()
- rule('FORWARD --logical-out br-client -i bat0 -o local-port -j DROP')
- rule('FORWARD --logical-out br-client -i local-port -o bat0 -j DROP')
- rule('FORWARD --logical-out br-client -o bat0 -d ' .. macaddr .. ' -j DROP')
- rule('OUTPUT --logical-out br-client -o bat0 -d ' .. macaddr .. ' -j DROP')
- rule('FORWARD --logical-out br-client -o bat0 -s ' .. macaddr .. ' -j DROP')
- rule('OUTPUT --logical-out br-client -o bat0 -s ' .. macaddr .. ' -j DROP')
- if next_node.ip4 then
- rule('FORWARD --logical-out br-client -o bat0 -p ARP --arp-ip-src ' .. next_node.ip4 .. ' -j DROP')
- rule('FORWARD --logical-out br-client -o bat0 -p ARP --arp-ip-dst ' .. next_node.ip4 .. ' -j DROP')
- rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP')
- rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP')
- rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP')
- rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP')
- end
- if next_node.ip6 then
- rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP')
- rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP')
- rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP')
- rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP')
- end
|
