Diffstat (limited to 'roles/configure_iptables/templates/iptables.rules')
-rw-r--r--roles/configure_iptables/templates/iptables.rules8
1 files changed, 6 insertions, 2 deletions
diff --git a/roles/configure_iptables/templates/iptables.rules b/roles/configure_iptables/templates/iptables.rules
index 3f0c6a1..8e3e3c8 100644
--- a/roles/configure_iptables/templates/iptables.rules
+++ b/roles/configure_iptables/templates/iptables.rules
@@ -40,6 +40,7 @@ COMMIT
# SSH-Server
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
# iperf3
+-A INPUT -p tcp -m tcp -s 10.30.0.0/18 --dport 5201 -j ACCEPT
-A INPUT -p tcp -m tcp -s 10.222.0.0/16 --dport 5201 -j ACCEPT
{% if 'fastd' in group_names %}
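Review bot: The new 10.30.0.0/18 prefix is written as a literal next to 10.222.0.0/16 in the iperf3 rule, and the same pair is repeated in the fastd DROP rules and the FORWARD TCPMSS rules later in this commit. Because the fastd rules are a deny list in front of a catch-all ACCEPT, a prefix that is later added in one place but missed there would be silently accepted. Consider keeping the mesh networks in one role variable (name hypothetical, e.g. `mesh_ipv4_networks`) and emitting each rule inside `{% for net in mesh_ipv4_networks %}` … `{% endfor %}`. The iperf3 rules also match on source address only, so it is worth checking whether an `-i` match on the mesh-facing interface or reverse-path filtering backs them up on these hosts.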
@@ -53,8 +54,9 @@ COMMIT
# ntp
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
# fastd
--A INPUT -s 10.222.0.0/16 -p udp -m udp --dport 10010:10021 -j DROP
--A INPUT -p udp -m udp --dport 10010:10021 -j ACCEPT
+-A INPUT -s 10.30.0.0/18 -p udp -m udp --dport 10010:10023 -j DROP
+-A INPUT -s 10.222.0.0/16 -p udp -m udp --dport 10010:10023 -j DROP
+-A INPUT -p udp -m udp --dport 10010:10023 -j ACCEPT
{% endif %}
# MOSH
-A INPUT -p udp -m udp --dport 60000:61000 -j ACCEPT
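Review bot: The two `-j DROP` rules only take effect because they sit above the unrestricted `-A INPUT -p udp -m udp --dport 10010:10023 -j ACCEPT`, and nothing in the template states that ordering or why mesh-sourced fastd traffic is dropped. A comment above them, such as `# drop fastd arriving from inside the mesh; must stay above the ACCEPT below` with the author's reason added, would protect the ordering against later edits. The widened range also accepts UDP from any source on 10022 and 10023, so please confirm that fastd instances listen on those ports on every host in the `fastd` group. If an ip6tables template exists alongside this one, it presumably needs the same range and the matching drops for the mesh's IPv6 prefixes.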
@@ -80,6 +82,8 @@ COMMIT
-A FORWARD -o {{ ansible_default_ipv4.interface }} -j REJECT
-A FORWARD -d 10.222.0.0/16 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -s 10.222.0.0/16 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+-A FORWARD -d 10.30.0.0/18 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+-A FORWARD -s 10.30.0.0/18 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
COMMIT
*nat