Changeset 13 in lab


Timestamp:
Jul 5, 2009 12:58:46 PM (15 years ago)
Author:
mitty
Message:
  • NEW setfilter now sets nat table
    • this feature clashes with setnapt.sh because both of them reset nat table
    • do not use them (setfilter and setnapt.sh) at the same time
  • accept connections to local services from WAN
    • ACCEPT and REDIRECT examples
Location:
trunk/iptables
Files:
1 added
2 edited

  • trunk/iptables/setfilter

    r10 r13  
    3434        error="" 
    3535         
    36         tables="raw mangle" 
     36        tables="raw mangle nat" 
    3737        for table in $tables 
    3838        do 
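Review bot: the nat entry added to tables at new line 36 carries no comment or guard in the script itself, although the commit message says setfilter now clashes with setnapt.sh because both reset the nat table. Suggest documenting the conflict beside the assignment, or skipping nat when the setnapt.sh rules are in use, so that running setfilter does not silently clear the NAPT setup.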
     
    7474    error="" 
    7575     
    76     tables="raw mangle" 
     76    tables="raw mangle nat" 
    7777    for table in $tables 
    7878    do 
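Review bot: the literal "raw mangle nat" at new line 76 duplicates the one changed at line 36. Define the table list once near the top of the script and reuse it in both loops, so the two places cannot drift apart the next time a table is added or removed.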
  • trunk/iptables/ufw/after.rules

    r12 r13  
    1616# End required lines 
    1717 
     18## allow connections to the local services from WAN 
     19# ssh 22/tcp 
     20-A ufw-after-input -p tcp --syn -m state --state NEW --dport 22 -j ACCEPT 
     21# https 443/tcp 
     22-A ufw-after-input -p tcp --syn -m state --state NEW --dport 443 -j ACCEPT 
     23 
    1824# don't log noisy services by default 
    1925-A ufw-after-input -p udp --dport 137 -j RETURN 
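Review bot: the ACCEPT rules at new lines 20 and 22 match on no input interface or source address, so they admit new connections to 22/tcp and 443/tcp on every interface, not only from WAN as the comment at line 18 says. Suggest adding an -i match for the WAN interface (and, for ssh, a -s restriction where the client addresses are known). This hunk also shows only ACCEPT rules; if the REDIRECT example mentioned in the commit message lives in the added file, point to it from the comment here.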