On Mon, Aug 24, 2009 at 4:08 PM, Mike McGrath<mmcgrath@xxxxxxxxxx> wrote:
> ---
> manifests/servergroups/proxy.pp | 3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/manifests/servergroups/proxy.pp b/manifests/servergroups/proxy.pp
> index bdea7b6..70bbcf4 100644
> --- a/manifests/servergroups/proxy.pp
> +++ b/manifests/servergroups/proxy.pp
> @@ -741,7 +741,8 @@ class proxy {
> # Firewall Rules, allow HTTP traffic through
> $tcpPorts = [ 80, 443, 873, 8080 ]
> $udpPorts = []
> - $custom = []
> + $custom = ['-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT',
> + '-A INPUT -p tcp -m tcp --sport 80 -j DROP']
>
> iptables { "/etc/sysconfig/iptables":
> content => template("system/iptables-template.conf.erb"),
> --
+1 for the meantime.
--
Stephen J Smoogen.
Ah, but a man's reach should exceed his grasp. Or what's a heaven for?
-- Robert Browning
_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
