examples

2026-05-10 13:45:13 +02:00
parent 6fa2e985c5
commit e2cea5542b
8 changed files with 27 additions and 9 deletions
--- a/chains/.gitignore
+++ b/chains/.gitignore
@@ -1,3 +0,0 @@
-*
-!.gitignore
-!.gitkeep
--- a/chains/.gitkeep
+++ b/chains/.gitkeep
--- a/chains/ai-sandbox.sh
+++ b/chains/ai-sandbox.sh
@@ -0,0 +1,14 @@
+FW_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+source "$FW_DIR/lib.sh"
+
+
+ensure_chain ai-sandbox-input
+ensure_chain ai-sandbox-forward
+
+add_rule ai-sandbox-input -s 10.77.0.150 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+add_rule ai-sandbox-input -s 10.77.0.150 -j REJECT --reject-with icmp-port-unreachable
+
+add_rule ai-sandbox-forward -s 10.77.0.150 -d 10.0.0.0/8 -j REJECT --reject-with icmp-port-unreachable
+add_rule ai-sandbox-forward -s 10.77.0.150 -d 172.16.0.0/12 -j REJECT --reject-with icmp-port-unreachable
+add_rule ai-sandbox-forward -s 10.77.0.150 -d 192.168.0.0/16 -j REJECT --reject-with icmp-port-unreachable
+add_rule ai-sandbox-forward -s 10.77.0.150 -j ACCEPT