Changeset 71b798c in lab.git for iptables


Timestamp:
Jul 5, 2009 12:58:46 PM (15 years ago)
Author:
mitty <mitty@…>
Branches:
master, trunk
Children:
84d8293
Parents:
4999639
Message:
  • NEW setfilter now sets nat table
    • this feature clashes with setnapt.sh because both of them reset nat table
    • do not use them (setfilter and setnapt.sh) at the same time
  • accept connections to local services from WAN
    • ACCEPT and REDIRECT examples

git-svn-id: https://lab.mitty.jp/svn/lab/trunk@13 7d2118f6-f56c-43e7-95a2-4bb3031d96e7

Location:
iptables
Files:
1 added
2 edited

  • iptables/setfilter

    rc109418 r71b798c  
    3434        error="" 
    3535         
    36         tables="raw mangle" 
     36        tables="raw mangle nat" 
    3737        for table in $tables 
    3838        do 
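Review bot: The conflict with setnapt.sh is recorded only in the commit message, not next to the new tables="raw mangle nat" assignment at line 36 where the nat table is pulled into the loop. Add a comment beside the assignment stating that setfilter and setnapt.sh must not be used together, or have the script check for and refuse to overwrite existing NAPT rules, so that someone running both does not silently lose their nat configuration.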
     
    7474    error="" 
    7575     
    76     tables="raw mangle" 
     76    tables="raw mangle nat" 
    7777    for table in $tables 
    7878    do 
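Review bot: The tables="raw mangle nat" assignment at line 76 duplicates the one at line 36, so every future change to the table list has to be made in two places, as this commit already had to do. Define the list once near the top of the script and reuse it in both loops so the two cannot drift apart.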
  • iptables/ufw/after.rules

    r4999639 r71b798c  
    1616# End required lines 
    1717 
     18## allow connections to the local services from WAN 
     19# ssh 22/tcp 
     20-A ufw-after-input -p tcp --syn -m state --state NEW --dport 22 -j ACCEPT 
     21# https 443/tcp 
     22-A ufw-after-input -p tcp --syn -m state --state NEW --dport 443 -j ACCEPT 
     23 
    1824# don't log noisy services by default 
    1925-A ufw-after-input -p udp --dport 137 -j RETURN 
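Review bot: The ACCEPT rules added at lines 20 and 22 are commented as allowing connections "from WAN", but neither rule matches on an inbound interface or a source address, so they accept new TCP connections to ports 22 and 443 arriving on any interface. If only WAN traffic is meant, add an -i match for the WAN interface, and for ssh consider narrowing the rule with a -s source range so the service is not open to every address.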