Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

- add nrpe allows to global iptables

Browse source 
- clean up a lot of the BSI from releng iptables
This commit is contained in:
Seth Vidal 2013-06-17 21:05:31 +00:00
parent 9f27b9c1e5
commit e43cd8a91c
3 changed files with 12 additions and 148 deletions
Download patch file Download diff file Expand all files Collapse all files

7
files/iptables/iptables
View file

@ -23,6 +23,13 @@
-A INPUT -p tcp -m tcp --dport 5099 -s 10.5.127.51 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5099 -s 209.132.181.6 -j ACCEPT
# for nrpe - allow it from nocs
-A INPUT -p tcp -m tcp --dport 5666 -s 192.168.1.10 -j ACCEPT
# FIXME - this is the global nat-ip and we need the noc01-specific ip
-A INPUT -p tcp -m tcp --dport 5666 -s 209.132.181.102 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5666 -s 10.5.126.41 -j ACCEPT
# if the host/group defines incoming tcp_ports - allow them
{% for port in tcp_ports %}
-A INPUT -p tcp -m tcp --dport {{ port }} -j ACCEPT