godot/Tail-Firewall
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Tags rulles

Browse Source
This commit is contained in:
godot 2024-07-23 23:55:09 +02:00
parent 64260cb6c1
commit d68669ffaf
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
my-rules.json
View File

@ -1,10 +1,5 @@
// Example/default ACLs for unrestricted connections. // Example/default ACLs for unrestricted connections.
{ {
// Declare static groups of users. Use autogroups for all users or users with a specific role.
// "groups": {
// "group:example": ["alice@example.com", "bob@example.com"],
// },
// Define the tags which can be applied to devices and by which users. // Define the tags which can be applied to devices and by which users.
"tagOwners": { "tagOwners": {
"tag:Host": ["autogroup:admin"], "tag:Host": ["autogroup:admin"],
@ -20,12 +15,17 @@
"acls": [ "acls": [
// Allow all connections. // Allow all connections.
// Comment this section out if you want to define specific restrictions. // Comment this section out if you want to define specific restrictions.
{"action": "accept", "src": ["*"], "dst": ["*:*"]}, // {"action": "accept", "src": ["*"], "dst": ["*:*"]},
// Allow users in "group:example" to access "tag:example", but only from // Random can
// devices that are running macOS and have enabled Tailscale client auto-updating.
{"action": "accept", "src": ["tag:Random"], "dst": ["*:*"]}, {"action": "accept", "src": ["tag:Random"], "dst": ["*:*"]},
// {"action": "accept", "src": ["group:example"], "dst": ["tag:example:*"], "srcPosture":["posture:autoUpdateMac"]},
// Host can
{"action": "accept", "src": ["tag:Host"], "dst": ["tag:Service":*]},
// Hidden serves
{"action": "accept", "src": ["*"], "dst": ["tag:Hidden:*"]},
], ],
// Define postures that will be applied to all rules without any specific // Define postures that will be applied to all rules without any specific