kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 1 Releases Activity

nodes/home.router: add port forwarding for home.nas
All checks were successful
bundlewrap/pipeline/head This commit looks good
Details

Browse source
This commit is contained in:
Franzi 2020-11-14 12:26:22 +01:00
parent c8272b933a
commit 10732efa36
Signed by: kunsi
GPG key ID: 12E3D2136B818350
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
nodes/home/router.py
View file

@ -38,10 +38,15 @@ nodes['home.router'] = {
},
'iptables': {
'custom_rules': [
# This is a router. Allow forwarding traffic for all internal networks.
'iptables_both -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT',
'iptables_both -A FORWARD -i enp1s0.23 -o enp1s0.42 -j REJECT',
'iptables_both -A FORWARD -i enp1s0.23 -j ACCEPT',
'iptables_both -A FORWARD -i enp1s0.42 -j ACCEPT',
# External port 2022 should be home.nas
'iptables -t nat -A PREROUTING -p tcp --dport 2022 -j DNAT --to 172.19.138.20:22',
'iptables -A FORWARD -p tcp -d 172.19.138.20 --dport 22 -j ACCEPT',
],
},
'nameservers': atomic({