firewall: allowing ipmi calles to be routed so that VPN clients and other boxes can make calls to ipmi

This commit is contained in:
toby 2019-01-11 18:09:37 +01:00
parent 0de30974af
commit a1d5439422
1 changed files with 4 additions and 2 deletions

View File

@ -61,8 +61,9 @@ case $1 in
iptables -F FORWARD iptables -F FORWARD
iptables -A FORWARD -o mgmtgw1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -o mgmtgw1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -o mgmtgw1 -j DROP iptables -A FORWARD -o mgmtgw1 -j DROP
iptables -A FORWARD -i ipmigw1 -j DROP
iptables -A FORWARD -o ipmigw1 -j DROP iptables -A FORWARD -o ipmigw1 -j DROP
iptables -A FORWARD -i ipmigw1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i ipmigw1 -j DROP
#special tables #special tables
@ -129,8 +130,9 @@ case $1 in
ip6tables -F FORWARD ip6tables -F FORWARD
ip6tables -A FORWARD -o mgmtgw1 -m state --state ESTABLISHED,RELATED -j ACCEPT ip6tables -A FORWARD -o mgmtgw1 -m state --state ESTABLISHED,RELATED -j ACCEPT
ip6tables -A FORWARD -o mgmtgw1 -j DROP ip6tables -A FORWARD -o mgmtgw1 -j DROP
ip6tables -A FORWARD -i ipmigw1 -j DROP
ip6tables -A FORWARD -o ipmigw1 -j DROP ip6tables -A FORWARD -o ipmigw1 -j DROP
ip6tables -A FORWARD -i ipmigw1 -m state --state ESTABLISHED,RELATED -j ACCEPT
ip6tables -A FORWARD -i ipmigw1 -j DROP
#special tables #special tables