iptables: add some missing rules
All checks were successful
bundlewrap/pipeline/head This commit looks good
All checks were successful
bundlewrap/pipeline/head This commit looks good
This commit is contained in:
parent
087bc4c669
commit
691c3e7bc2
GPG key ID:
12E3D2136B818350
2 changed files with 20 additions and 0 deletions
|
|
@ -128,6 +128,17 @@ nodes['htz.ex42-1048908'] = {
|
|||
'iptables_both -A INPUT -p udp --dport 60000:61000 -j ACCEPT', # mosh
|
||||
'iptables_both -A INPUT -p tcp --dport 9001 -j ACCEPT', # weechat
|
||||
'iptables_both -A INPUT -p tcp --dport 113 -j ACCEPT', # oidentd
|
||||
|
||||
# libvirt rules. These are also added by libvirt itself,
|
||||
# but they would be overridden by our own iptables
|
||||
# management.
|
||||
'iptables -A INPUT -i virbr0 -p udp --dport 53 -j ACCEPT',
|
||||
'iptables -A INPUT -i virbr0 -p tcp --dport 53 -j ACCEPT',
|
||||
'iptables -A INPUT -i virbr0 -p udp --dport 67:68 -j ACCEPT',
|
||||
'iptables -A INPUT -i virbr0 -p tcp --dport 67:68 -j ACCEPT',
|
||||
'iptables -A FORWARD -i virbr0 -j ACCEPT',
|
||||
'iptables -A FORWARD -o virbr0 -j ACCEPT',
|
||||
'iptables -t nat -A POSTROUTING -o enp0s31f6 -j MASQUERADE',
|
||||
],
|
||||
},
|
||||
'letsencrypt': {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue