    Latest posts made by ICantIT

    • RE: ZeroTier Flow Rules

      Sorry about dragging this old topic back, but it is probably the most relevant to what I'm looking for.

      I have been trying to get the ZeroTier FlowRules to work but must be doing something wrong. My ruleset is very close to what @JaredBusch has, but the ZeroTier nodes don't work as expected.

      When I leave the final accept statement, ZeroTier passes all traffic. When I comment out that last accept, all traffic stops.

      # Allow only IPv4, IPv4 ARP
      #
      drop
      	not ethertype ipv4
      	and not ethertype arp
      # Drop IPv6 Ethernet frames.
      #	and not ethertype ipv6
      ;
      #
      #
      # Uncomment to drop non-ZeroTier issued and managed IP addresses.
      #
      # This prevents IP spoofing but also blocks manual IP management at the OS level and
      # bridging unless special rules to exempt certain hosts or traffic are added before
      # this rule.
      #
      #drop
      #	not chr ipauth
      #;
      accept
      	ipprotocol tcp
      		and dport 80
      ;
      # Accept anything else. This is required since default is 'drop'.
      accept;
      

      Any help on what I'm doing wrong will be greatly appreciated.

      posted in IT Discussion
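
The behaviour described in the post can be reproduced with a small model of the ruleset. This is an added example, not part of the original post and not ZeroTier's own code: it assumes stateless, in-order evaluation where the first matching action wins and unmatched frames get the default drop noted in the ruleset's last comment. The frame fields, function names and sample frames are constructed for illustration.

```python
# Simplified model (constructed for illustration) of how the posted ruleset is
# evaluated: rules run in order, the first action whose match is true wins, and
# a frame that reaches the end without a match gets the default 'drop'.

def not_ipv4_or_arp(f):
    # drop not ethertype ipv4 and not ethertype arp
    return f["ethertype"] not in ("ipv4", "arp")

def tcp_dport_80(f):
    # accept ipprotocol tcp and dport 80
    return f.get("ipprotocol") == "tcp" and f.get("dport") == 80

def build_rules(final_accept):
    rules = [("drop", not_ipv4_or_arp), ("accept", tcp_dport_80)]
    if final_accept:
        rules.append(("accept", lambda f: True))  # the bare 'accept;'
    return rules

def evaluate(frame, rules):
    for action, matches in rules:
        if matches(frame):
            return action
    return "drop"  # default when no action matched

# Constructed sample frames: one HTTP exchange plus the traffic around it.
FRAMES = {
    "arp_request":  {"ethertype": "arp"},
    "http_request": {"ethertype": "ipv4", "ipprotocol": "tcp", "sport": 51000, "dport": 80},
    "http_reply":   {"ethertype": "ipv4", "ipprotocol": "tcp", "sport": 80, "dport": 51000},
    "icmp_ping":    {"ethertype": "ipv4", "ipprotocol": "icmp"},
    "ipv6_frame":   {"ethertype": "ipv6"},
}

def verdicts(final_accept):
    rules = build_rules(final_accept)
    return {name: evaluate(frame, rules) for name, frame in FRAMES.items()}

if __name__ == "__main__":
    for final_accept in (True, False):
        print("final accept present:", final_accept)
        for name, verdict in verdicts(final_accept).items():
            print(f"  {name:13} {verdict}")
```

In this model, removing the final accept leaves only frames with TCP destination port 80 accepted; ARP and the server's replies (source port 80) match no rule and fall through to the default drop.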