I’ve been using ZeroTier with the default flow rules for some time. Now I’ve been looking at the tips section and a bunch of posts to try to achieve a configuration on my own, but with no luck.
I’m trying to configure the flow rules in a way such that any peer can only communicate to and from a single designated peer. This way peers cannot reach or see each other, only the designated peer.
Thanks in advance for any help.
# Allow only IPv4 and IPv4 ARP Ethernet frames (the IPv6 line is commented out).
drop
  not ethertype ipv4
  and not ethertype arp
  #and not ethertype ipv6
;

# This prevents IP spoofing but also
# blocks manual IP management at the OS level and
# bridging unless special rules to exempt
# certain hosts or traffic are added before
# this rule.
drop
  not chr ipauth
;

# Frames to or from the designated peer are accepted.
# Note: '#' comments run to end of line, so the ';' that ends each rule
# must sit on its own line after the comment.
accept ztdest abcdef123 # designated peer
;
accept ztsrc abcdef123 # designated peer
;

# No trailing 'accept;' here: anything not matched above is dropped by default.
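To check what the rule set above actually decides for each pair of members, here is an added example (not part of the original post and not ZeroTier's own engine) that models first-match rule evaluation with an implicit drop. It assumes the semantics ZeroTier documents for its rule sets: rules are checked in order, the first matching rule's action wins, and a frame matching no rule is dropped; `HUB` stands in for the placeholder address `abcdef123`, and `ipauth` stands in for the `chr ipauth` characteristic.

```python
# Added example: a minimal model of first-match flow rule evaluation, used to
# check the hub-and-spoke rule set from the post. This is a simplified model,
# not ZeroTier's rule engine.

HUB = "abcdef123"  # placeholder ZeroTier address taken from the post

# Each rule is (action, predicate). The predicates mirror the posted rules;
# "ipauth" models the `chr ipauth` characteristic (source IP is the one
# assigned by the network controller).
RULES = [
    ("drop",   lambda f: f["ethertype"] not in ("ipv4", "arp")),
    ("drop",   lambda f: not f["ipauth"]),
    ("accept", lambda f: f["ztdest"] == HUB),
    ("accept", lambda f: f["ztsrc"] == HUB),
]


def evaluate(frame, rules=RULES):
    """Return the action for a frame: first matching rule wins, else drop."""
    for action, matches in rules:
        if matches(frame):
            return action
    return "drop"  # assumed default when no rule matches


def frame(src, dst, ethertype="ipv4", ipauth=True):
    """Build a constructed frame description for the model."""
    return {"ztsrc": src, "ztdest": dst, "ethertype": ethertype, "ipauth": ipauth}


def reachability(peers, hub=HUB, rules=RULES):
    """Map each ordered (src, dst) pair to the decision for a plain IPv4 frame."""
    members = [hub] + list(peers)
    return {(s, d): evaluate(frame(s, d), rules)
            for s in members for d in members if s != d}


if __name__ == "__main__":
    for pair, decision in sorted(reachability(["peer1", "peer2"]).items()):
        print(f"{pair[0]:>10} -> {pair[1]:<10} {decision}")
```

Under this model only pairs involving the hub are accepted; peer-to-peer frames, non-IPv4/ARP frames, and frames with an unassigned source IP all fall through to drop.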