Merge branch 'develop' of git:doc into develop

author: Silvino <silvino@bk.ru> 2019-06-08 01:49:23 +0100
committer: Silvino <silvino@bk.ru> 2019-06-08 01:49:23 +0100
commit: 923321515685eed09a269d5643135b7c3a4e865d (patch)
tree: f8c710d7f69aff8cd2fdf3edd99094ecba1dffae /core/conf/iptables/ipt-server.sh
parent: 8af00e259088a5a6c44e45c1a6d0efabf1fa155a (diff)
parent: 045ea9a3815a56609af07a3c7d9df6fcc18910a5 (diff)
download: doc-923321515685eed09a269d5643135b7c3a4e865d.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/core/conf/iptables/ipt-server.sh b/core/conf/iptables/ipt-server.sh
index 225fd31..027cd11 100644
--- a/core/conf/iptables/ipt-server.sh
+++ b/core/conf/iptables/ipt-server.sh
@@ -1,10 +1,15 @@
 echo "setting server network..."
+source /etc/iptables/ipt-conf.sh
+source /etc/iptables/ipt-firewall.sh
+ipt_clear
+ipt_tables
 
 # Unlimited on loopback
 $IPT -A INPUT -i lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT
 $IPT -A OUTPUT -o lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT
 $IPT -A INPUT -i lo -s ${PUB_IP} -d ${PUB_IP} -j ACCEPT
 $IPT -A OUTPUT -o lo -s ${PUB_IP} -d ${PUB_IP} -j ACCEPT
+$IPT -A OUTPUT -o lo -s ${PUB_IP} -d 10.255.255.255 -j ACCEPT
 
 ####### Input Chain ######
 $IPT -A INPUT -j blocker
@@ -35,3 +40,8 @@ $IPT -A OUTPUT -o ${PUB_IF} -s ${PUB_IP} -j srv_https_out
 
 $IPT -A OUTPUT -o ${PUB_IF} -d ${BR_NET} -j srv_ssh_out
 $IPT -A OUTPUT -o ${PUB_IF} -d ${BR_NET} -j srv_git_out
+
+## log everything else and drop
+ipt_log
+
+iptables-save > /etc/iptables/server.v4
author	Silvino <silvino@bk.ru>	2019-06-08 01:49:23 +0100
committer	Silvino <silvino@bk.ru>	2019-06-08 01:49:23 +0100
commit	923321515685eed09a269d5643135b7c3a4e865d (patch)
tree	f8c710d7f69aff8cd2fdf3edd99094ecba1dffae /core/conf/iptables/ipt-server.sh
parent	8af00e259088a5a6c44e45c1a6d0efabf1fa155a (diff)
parent	045ea9a3815a56609af07a3c7d9df6fcc18910a5 (diff)
download	doc-923321515685eed09a269d5643135b7c3a4e865d.tar.gz