diff options
| author | Silvino Silva <silvino@bk.ru> | 2018-05-06 14:31:35 +0100 |
|---|---|---|
| committer | Silvino Silva <silvino@bk.ru> | 2018-05-06 14:31:35 +0100 |
| commit | d476ab5f420b2f1b3c81d65856ecd7113976391b (patch) | |
| tree | e97e7fc4377c10904c876222a9af3ac245f861b0 /core | |
| parent | 807e672437b0da7e9c3afd51e7d863515118c3ef (diff) | |
| download | doc-d476ab5f420b2f1b3c81d65856ecd7113976391b.tar.gz | |
added https client to server iptables
Diffstat (limited to 'core')
| -rw-r--r-- | core/scripts/iptables.sh | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/core/scripts/iptables.sh b/core/scripts/iptables.sh index 5d09f00..41ce988 100644 --- a/core/scripts/iptables.sh +++ b/core/scripts/iptables.sh @@ -90,7 +90,6 @@ case $TYPE in ####### PostRouting Chain ###### $IPT -t nat -A POSTROUTING -o lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT - #$IPT -t nat -A POSTROUTING -o ${PRIV_IF} -j MASQUERADE ## log everything else and drop @@ -112,6 +111,7 @@ case $TYPE in $IPT -A INPUT -i ${PUB_IF} -d ${PUB_IP} -s ${BR_NET} -j srv_https_in $IPT -A INPUT -i ${PUB_IF} -d ${PUB_IP} -s ${BR_NET} -j srv_ssh_in $IPT -A INPUT -i ${PUB_IF} -d ${PUB_IP} -s ${BR_NET} -j srv_git_in + $IPT -A INPUT -i ${PUB_IF} -d ${PUB_IP} -j cli_https_in ####### Output Chain ###### $IPT -A OUTPUT -j blocker @@ -120,6 +120,7 @@ case $TYPE in $IPT -A OUTPUT -o ${PUB_IF} -d ${BR_NET} -s ${PUB_IP} -j srv_https_out $IPT -A OUTPUT -o ${PUB_IF} -d ${BR_NET} -s ${PUB_IP} -j srv_ssh_out $IPT -A OUTPUT -o ${PUB_IF} -d ${BR_NET} -s ${PUB_IP} -j srv_git_out + $IPT -A OUTPUT -o ${PUB_IF} -s ${PUB_IP} -j cli_https_out ## log everything else and drop iptables_log |