From 630e965343803e90cdbeeb30a06cae9edc61db4e Mon Sep 17 00:00:00 2001 From: Silvino Silva Date: Sun, 16 Oct 2016 23:24:52 +0100 Subject: tools network revision --- core/conf/iptables/rules.v4 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'core/conf') diff --git a/core/conf/iptables/rules.v4 b/core/conf/iptables/rules.v4 index cbaa347..848603c 100644 --- a/core/conf/iptables/rules.v4 +++ b/core/conf/iptables/rules.v4 @@ -48,7 +48,7 @@ COMMIT # # Allow established from dns server --A INPUT -i wlp7s0 -p udp -m udp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +#-A INPUT -i wlp7s0 -p udp -m udp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT # INPUT accept passive -A INPUT -i wlp7s0 -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT @@ -79,6 +79,7 @@ COMMIT # INPUT accept from wlp7s0 to dns server -A INPUT -i wlp7s0 -p udp -m udp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT + # INPUT accept from wlp7s0 to https server -A INPUT -i wlp7s0 -p tcp -m tcp --sport 1024:65535 --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT # INPUT accept from wlp7s0 to ssh server @@ -97,7 +98,7 @@ COMMIT -A OUTPUT -o br0 -j ACCEPT # Allow dns --A OUTPUT -o wlp7s0 -p udp -m udp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT +#-A OUTPUT -o wlp7s0 -p udp -m udp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT # Allow to rsync server -A OUTPUT -o wlp7s0 -p tcp -m tcp --sport 1024:65535 --dport 873 -m state --state NEW,ESTABLISHED -j ACCEPT @@ -125,6 +126,7 @@ COMMIT -A OUTPUT -o wlp7s0 -p tcp -m tcp --sport 2222 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT # Allow from dns server -A OUTPUT -o wlp7s0 -p udp -m udp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT + -A OUTPUT -j LOG --log-prefix "iptables: OUTPUT: " --log-level 7 COMMIT # Completed on Sat Oct 15 17:20:41 2016 -- cgit 1.4.1-2-gfad0