evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 18 Releases 32 Wiki Activity

minifirewall: Make outgoing SSH in IPv6 works

Browse source
This commit is contained in:
Ludovic Poujol 2017-12-15 14:49:21 +01:00
parent bfb8a6cee8
commit b90260ae28
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
minifirewall/files/minifirewall.conf
View file

@ -77,7 +77,8 @@ NTPOK='0.0.0.0/0'
# Example: allow SSH from Trusted IPv6 addresses
/sbin/ip6tables -A INPUT -i $INT -p tcp --dport 22 -s 2a01:9500:37:129::/64 -j ACCEPT
# Example: allow input HTTP/HTTPS/SMTP/DNS traffic
# Example: allow outgoing SSH/HTTP/HTTPS/SMTP/DNS traffic
/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 22 --match state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 80 --match state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 443 --match state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 25 --match state --state ESTABLISHED,RELATED -j ACCEPT