Re: Need some looking at iptables change.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 2009-07-01 08:10:17 PM, Stephen John Smoogen wrote:
> Make the patch smaller.
> ---
>  configs/system/iptables-template.conf.erb |    5 +----
>  1 files changed, 1 insertions(+), 4 deletions(-)
> 
> diff --git a/configs/system/iptables-template.conf.erb
> b/configs/system/iptables-template.conf.erb
> index 90a6115..9ccbec0 100644
> --- a/configs/system/iptables-template.conf.erb
> +++ b/configs/system/iptables-template.conf.erb
> @@ -24,7 +24,6 @@
>  # Temporary measure for ro access to nfs1
>  -A INPUT -p tcp -m tcp -s 10.8.34.113 --dport 48621:48624 -j ACCEPT
>  -A INPUT -p udp -m udp -s 10.8.34.113 --dport 48621:48624 -j ACCEPT
> --A INPUT -p tcp -m tcp -s 10.8.34.113 --dport 51234:51235 -j ACCEPT
>  -A INPUT -p tcp -m tcp -s 10.8.34.113 --dport 2049 -j ACCEPT
>  -A INPUT -p udp -m udp -s 10.8.34.113 --dport 2049 -j ACCEPT
>  -A INPUT -p tcp -m tcp -s 10.8.34.113 --dport 111 -j ACCEPT
> @@ -32,7 +31,6 @@
> 
>  -A INPUT -p tcp -m tcp -s 10.8.34.114 --dport 48621:48624 -j ACCEPT
>  -A INPUT -p udp -m udp -s 10.8.34.114 --dport 48621:48624 -j ACCEPT
> --A INPUT -p tcp -m tcp -s 10.8.34.114 --dport 51234:51235 -j ACCEPT
>  -A INPUT -p tcp -m tcp -s 10.8.34.114 --dport 2049 -j ACCEPT
>  -A INPUT -p udp -m udp -s 10.8.34.114 --dport 2049 -j ACCEPT
>  -A INPUT -p tcp -m tcp -s 10.8.34.114 --dport 111 -j ACCEPT
> @@ -40,7 +38,6 @@
> 
>  -A INPUT -p tcp -m tcp -s 10.8.34.83 --dport 48621:48624 -j ACCEPT
>  -A INPUT -p udp -m udp -s 10.8.34.83 --dport 48621:48624 -j ACCEPT
> --A INPUT -p tcp -m tcp -s 10.8.34.83 --dport 51234:51235 -j ACCEPT
>  -A INPUT -p tcp -m tcp -s 10.8.34.83 --dport 2049 -j ACCEPT
>  -A INPUT -p udp -m udp -s 10.8.34.83 --dport 2049 -j ACCEPT
>  -A INPUT -p tcp -m tcp -s 10.8.34.83 --dport 111 -j ACCEPT
> @@ -48,7 +45,6 @@
> 
>  -A INPUT -p tcp -m tcp -s 10.8.34.196 --dport 48621:48624 -j ACCEPT
>  -A INPUT -p udp -m udp -s 10.8.34.196 --dport 48621:48624 -j ACCEPT
> --A INPUT -p tcp -m tcp -s 10.8.34.196 --dport 51234:51235 -j ACCEPT
>  -A INPUT -p tcp -m tcp -s 10.8.34.196 --dport 2049 -j ACCEPT
>  -A INPUT -p udp -m udp -s 10.8.34.196 --dport 2049 -j ACCEPT
>  -A INPUT -p tcp -m tcp -s 10.8.34.196 --dport 111 -j ACCEPT
> @@ -61,6 +57,7 @@
>  -A INPUT -p tcp -m tcp -d 10.8.34.125 --dport 8140 -j ACCEPT
>  -A INPUT -p tcp -m tcp -d 10.8.34.125 --dport 873 -j ACCEPT
>  -A INPUT -p tcp -m tcp -d 10.8.34.125 --dport 80 -j ACCEPT
> +-A INPUT -p tcp -m tcp -d 10.8.34.125 --dport 51234:51235 -j ACCEPT
>  -A INPUT -p tcp -m tcp -d 10.8.34.50 --dport 25 -j ACCEPT
>  -A INPUT -s 10.8.34.113 -j REJECT --reject-with icmp-host-prohibited
>  -A INPUT -s 10.8.34.114 -j REJECT --reject-with icmp-host-prohibited
> -- 
> 1.5.5.6
Looks good to me.

Thanks,
Ricky

Attachment: pgppUVIwwTc5M.pgp
Description: PGP signature

_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux