blob: 4c218e9302266cd7073b38aad0392dde5bf2b969 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
table inet x {
secmark ssh_server {
"system_u:object_r:ssh_server_packet_t:s0"
}
chain y {
type filter hook input priority -225; policy accept;
tcp dport 2222 ct state new meta secmark set "ssh_server"
ct state new ct secmark set meta secmark
ct state established,related meta secmark set ct secmark
}
chain z {
type filter hook output priority 225; policy accept;
ct state new ct secmark set meta secmark
ct state established,related meta secmark set ct secmark
}
}
|