Narrow this forward to only valid ips at site.

Kevin Fenzi 2014-07-05 21:33:31 +00:00
parent 692458e19e
commit 2032b6396a


@ -60,7 +60,8 @@
# otherwise kick everything out
-A INPUT -j REJECT --reject-with icmp-host-prohibited
{% if virthost is defined %}
-A FORWARD -j ACCEPT
-A FORWARD -s 67.203.2.64/29 -j ACCEPT
-A FORWARD -d 67.203.2.64/29 -j ACCEPT
{% else %}
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
{% endif %}
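Review bot: The virthost branch now has no terminating rule, so a forwarded packet that matches neither `-s 67.203.2.64/29` nor `-d 67.203.2.64/29` falls through to the FORWARD chain policy, which is declared outside this hunk. If that policy is ACCEPT, the narrowing has no effect; adding `-A FORWARD -j REJECT --reject-with icmp-host-prohibited` after the two ACCEPT rules, as the else branch already does, would make the restriction explicit. The `-s` match also trusts the claimed source address on any ingress interface, so it depends on reverse-path filtering or an interface match being enforced elsewhere. The prefix is hard-coded in a template keyed only on `virthost`, so a per-site variable may be worth considering if virthosts exist in other address ranges.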