Need some looking at iptables change.
Stephen John Smoogen
smooge at gmail.com
Thu Jul 2 02:10:17 UTC 2009
Make the patch smaller.
---
configs/system/iptables-template.conf.erb | 5 +----
1 files changed, 1 insertions(+), 4 deletions(-)
diff --git a/configs/system/iptables-template.conf.erb
b/configs/system/iptables-template.conf.erb
index 90a6115..9ccbec0 100644
--- a/configs/system/iptables-template.conf.erb
+++ b/configs/system/iptables-template.conf.erb
@@ -24,7 +24,6 @@
# Temporary measure for ro access to nfs1
-A INPUT -p tcp -m tcp -s 10.8.34.113 --dport 48621:48624 -j ACCEPT
-A INPUT -p udp -m udp -s 10.8.34.113 --dport 48621:48624 -j ACCEPT
--A INPUT -p tcp -m tcp -s 10.8.34.113 --dport 51234:51235 -j ACCEPT
-A INPUT -p tcp -m tcp -s 10.8.34.113 --dport 2049 -j ACCEPT
-A INPUT -p udp -m udp -s 10.8.34.113 --dport 2049 -j ACCEPT
-A INPUT -p tcp -m tcp -s 10.8.34.113 --dport 111 -j ACCEPT
@@ -32,7 +31,6 @@
-A INPUT -p tcp -m tcp -s 10.8.34.114 --dport 48621:48624 -j ACCEPT
-A INPUT -p udp -m udp -s 10.8.34.114 --dport 48621:48624 -j ACCEPT
--A INPUT -p tcp -m tcp -s 10.8.34.114 --dport 51234:51235 -j ACCEPT
-A INPUT -p tcp -m tcp -s 10.8.34.114 --dport 2049 -j ACCEPT
-A INPUT -p udp -m udp -s 10.8.34.114 --dport 2049 -j ACCEPT
-A INPUT -p tcp -m tcp -s 10.8.34.114 --dport 111 -j ACCEPT
@@ -40,7 +38,6 @@
-A INPUT -p tcp -m tcp -s 10.8.34.83 --dport 48621:48624 -j ACCEPT
-A INPUT -p udp -m udp -s 10.8.34.83 --dport 48621:48624 -j ACCEPT
--A INPUT -p tcp -m tcp -s 10.8.34.83 --dport 51234:51235 -j ACCEPT
-A INPUT -p tcp -m tcp -s 10.8.34.83 --dport 2049 -j ACCEPT
-A INPUT -p udp -m udp -s 10.8.34.83 --dport 2049 -j ACCEPT
-A INPUT -p tcp -m tcp -s 10.8.34.83 --dport 111 -j ACCEPT
@@ -48,7 +45,6 @@
-A INPUT -p tcp -m tcp -s 10.8.34.196 --dport 48621:48624 -j ACCEPT
-A INPUT -p udp -m udp -s 10.8.34.196 --dport 48621:48624 -j ACCEPT
--A INPUT -p tcp -m tcp -s 10.8.34.196 --dport 51234:51235 -j ACCEPT
-A INPUT -p tcp -m tcp -s 10.8.34.196 --dport 2049 -j ACCEPT
-A INPUT -p udp -m udp -s 10.8.34.196 --dport 2049 -j ACCEPT
-A INPUT -p tcp -m tcp -s 10.8.34.196 --dport 111 -j ACCEPT
@@ -61,6 +57,7 @@
-A INPUT -p tcp -m tcp -d 10.8.34.125 --dport 8140 -j ACCEPT
-A INPUT -p tcp -m tcp -d 10.8.34.125 --dport 873 -j ACCEPT
-A INPUT -p tcp -m tcp -d 10.8.34.125 --dport 80 -j ACCEPT
+-A INPUT -p tcp -m tcp -d 10.8.34.125 --dport 51234:51235 -j ACCEPT
-A INPUT -p tcp -m tcp -d 10.8.34.50 --dport 25 -j ACCEPT
-A INPUT -s 10.8.34.113 -j REJECT --reject-with icmp-host-prohibited
-A INPUT -s 10.8.34.114 -j REJECT --reject-with icmp-host-prohibited
--
1.5.5.6
--
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
More information about the infrastructure
mailing list