jcarr
/
wit-network-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

prepping to flip back bastion to a loopback ip. setting firewall rule accordingly

This commit is contained in:
toby 2018-11-18 02:22:04 +01:00
parent 9028be6de6
commit e3fba4ecad
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
files/firewall
View File

@ -22,6 +22,7 @@ case $1 in
iptables -A INPUT -p udp --dport 500 --sport 500 -j ACCEPT # ipsec iptables -A INPUT -p udp --dport 500 --sport 500 -j ACCEPT # ipsec
iptables -A INPUT -p udp --dport 4500 --sport 4500 -j ACCEPT # ipsec iptables -A INPUT -p udp --dport 4500 --sport 4500 -j ACCEPT # ipsec
iptables -A INPUT -s 170.199.217.0 -p tcp --dport 22 -j ACCEPT # ssh from bastion iptables -A INPUT -s 170.199.217.0 -p tcp --dport 22 -j ACCEPT # ssh from bastion
iptables -A INPUT -s 10.1.19.1 -p tcp --dport 22 -j ACCEPT # ssh from bastion
iptables -A INPUT -s 170.199.217.0 -p udp --sport 53 -j ACCEPT # dns replies from bastion iptables -A INPUT -s 170.199.217.0 -p udp --sport 53 -j ACCEPT # dns replies from bastion
iptables -A INPUT -s 170.199.216.1 -p tcp --sport 2379 -j ACCEPT # etcd replies stackapi iptables -A INPUT -s 170.199.216.1 -p tcp --sport 2379 -j ACCEPT # etcd replies stackapi
iptables -A INPUT -s 170.199.216.13 -p tcp --sport 443 -j ACCEPT # mirrors.wit.com iptables -A INPUT -s 170.199.216.13 -p tcp --sport 443 -j ACCEPT # mirrors.wit.com