[PATCH] Temporary setting for galgoci

Stephen John Smoogen smooge at gmail.com
Mon Aug 24 22:11:58 UTC 2009


On Mon, Aug 24, 2009 at 4:08 PM, Mike McGrath<mmcgrath at redhat.com> wrote:
> ---
>  manifests/servergroups/proxy.pp |    3 ++-
>  1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/manifests/servergroups/proxy.pp b/manifests/servergroups/proxy.pp
> index bdea7b6..70bbcf4 100644
> --- a/manifests/servergroups/proxy.pp
> +++ b/manifests/servergroups/proxy.pp
> @@ -741,7 +741,8 @@ class proxy {
>     # Firewall Rules, allow HTTP traffic through
>     $tcpPorts = [ 80, 443, 873, 8080 ]
>     $udpPorts = []
> -    $custom = []
> +    $custom = ['-A INPUT -p tcp -m tcp  --dport 80 -j ACCEPT',
> +                '-A INPUT -p tcp -m tcp --sport 80 -j DROP']
>
>     iptables { "/etc/sysconfig/iptables":
>         content => template("system/iptables-template.conf.erb"),
> --

+1 for the meantime.


-- 
Stephen J Smoogen.

Ah, but a man's reach should exceed his grasp. Or what's a heaven for?
-- Robert Browning




More information about the infrastructure mailing list