Diffstat (limited to 'core')
-rw-r--r-- | core/scripts/iptables.sh | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/core/scripts/iptables.sh b/core/scripts/iptables.sh
index 41ce988..0f05b1f 100644
--- a/core/scripts/iptables.sh
+++ b/core/scripts/iptables.sh
@@ -54,9 +54,12 @@ case $TYPE in
  $IPT -A FORWARD -o ${BR_IF} -s ${PUB_IP} -d ${BR_NET} -j cli_ssh_out
  $IPT -A FORWARD -i ${BR_IF} -o ${BR_IF} -m physdev --physdev-in ${PUB_IF} --physdev-out tap2 -j srv_rip
+ $IPT -A FORWARD -i ${BR_IF} -o ${BR_IF} -m physdev --physdev-in tap2 --physdev-out ${PUB_IF} -j srv_dhcp
  $IPT -A FORWARD -i ${BR_IF} -o ${BR_IF} -m physdev --physdev-in ${PUB_IF} --physdev-out tap2 -j srv_dhcp
- #$IPT -A FORWARD -o ${BR_IF} -m physdev --physdev-in tap2 --physdev-out ${PUB_IF} -j srv_ssh_out
+
+ $IPT -A FORWARD -i ${BR_IF} -o ${BR_IF} -m physdev --physdev-in tap2 --physdev-out ${PUB_IF} -j cli_https_out
+ $IPT -A FORWARD -i ${BR_IF} -o ${BR_IF} -m physdev --physdev-in ${PUB_IF} --physdev-out tap2 -j cli_https_in
  ####### Input Chain ######
  $IPT -A INPUT -j blocker
@@ -78,6 +81,7 @@ case $TYPE in
  $IPT -A OUTPUT -j blocker #Less noise
  $IPT -A OUTPUT -o ${BR_IF} -s ${PUB_IP} -p tcp --dport 3030 --sport 1024:65535 -j DROP
+ $IPT -A OUTPUT -o ${BR_IF} -s ${PUB_IP} -p tcp --dport 80 --sport 1024:65535 -j DROP
  $IPT -A OUTPUT -o ${BR_IF} -s ${PUB_IP} -j cli_dns_out
  $IPT -A OUTPUT -o ${BR_IF} -s ${PUB_IP} -j cli_https_out |
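Review bot: The three FORWARD rules added in the first hunk select traffic only by bridge port (`--physdev-in`/`--physdev-out`) and carry no `-s`/`-d` restriction, unlike the `cli_ssh_out` rule at the top of the hunk, which is pinned to `-s ${PUB_IP} -d ${BR_NET}`. What bridged traffic between tap2 and `${PUB_IF}` is actually admitted therefore depends entirely on the match criteria inside `srv_dhcp`, `cli_https_out` and `cli_https_in`, which are defined outside this hunk. `srv_dhcp` is now the target for both directions, so it is worth confirming that its port matches are written for both the request and the reply direction, and that `cli_https_out` (also used in OUTPUT for the host's own address) is meant to apply to every client behind tap2. I would add a comment above the new block stating that intent, for example `# bridged clients on tap2: DHCP both ways, HTTPS out and its replies; address scope is left to the chains`.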
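Review bot: The `--dport 80 ... -j DROP` rule added in the second hunk discards the host's own outbound HTTP silently, so any local process that still uses plain HTTP (package fetches, certificate revocation checks and similar) will hang until its connect timeout instead of failing at once. For locally generated traffic `-j REJECT --reject-with tcp-reset` gives the same block with an immediate error. Because the rule sits ahead of the `cli_*` chains, it presumably also keeps these attempts out of whatever logging follows; an unexpected process making cleartext HTTP connections from the gateway is a signal worth keeping, so consider a rate-limited LOG rule ahead of it rather than suppressing it entirely. Either way, a short comment such as `# host itself must not speak HTTP on ${BR_IF}; dropped before the cli_* chains` would record why port 80 joins 3030 here.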