ferm
ferm copied to clipboard
MaxKellermann
ferm is a frontend for iptables
Fixes #84 `ipset` matching module doesn't allow specifying multiple `--match-set` for a single `-m set`, so, we'll keep every `mod set` specified in the config. @MaxKellermann feel free to edit...
*Description* iptables rules generated by `ferm` from it's config are missing the second `-m set` option when matching source _and_ destination against ipsets should be: ``` -A FORWARD --match set...
Hello, Please, add support [ipt-ratelimit](https://github.com/aabc/ipt-ratelimit)
can you please add support for variable expansion inside backticks? I have a router with several interfaces, and would like to assign the network interface names (e.g. `eth0`) to variables...
I take whitelist IPs from a plaintext file. I'm trying to resolv entries, but some of them are already IP or IP-range (CIDR). I would like to have: ``` @def...
Please remove `background-color` from `body`: 
At first, thank you very much for nice tool. I use it with docker. Docker changes some builtin chains and makes serveral new chains. Filter's chain "DOCKER-USER" is one of...
I just started using ferm and looked at the example files. The antiddos file intrigued me and I attempted to use it as is. When I ran `ferm --interactive` I...
see https://manpages.ubuntu.com/manpages/xenial/man8/iptables-extensions.8.html
both iptables parameter, `sport` and `dport` allow negation. Example from a recent Debian (Bullseye) ```console iptables-legacy -I INPUT --protocol tcp --sport 53 --destination 127.0.0.1 ! --dport 53 --jump ACCEPT ```...