add the type as well...
Signed-off-by: Nico Schottelius <nico@bento.schottelius.org>
This commit is contained in:
Nico Schottelius
parent
f8d3e36efb
commit
e3f401900a
2 changed files with 9 additions and 0 deletions
9
cdist/conf/type/__panter_iptables/manifest
Normal file
9
cdist/conf/type/__panter_iptables/manifest
Normal file
|
|
@ -0,0 +1,9 @@
|
||||||
|
__iptables_rule policy-in --rule "-P INPUT DROP"
|
||||||
|
__iptables_rule policy-out --rule "-P OUTPUT ACCEPT"
|
||||||
|
__iptables_rule policy-fwd --rule "-P FORWARD DROP"
|
||||||
|
|
||||||
|
__iptables_rule established --rule "-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT"
|
||||||
|
__iptables_rule http --rule "-A INPUT -p tcp --dport 80 -j ACCEPT"
|
||||||
|
__iptables_rule ssh --rule "-A INPUT -p tcp --dport 80 -j ACCEPT"
|
||||||
|
__iptables_rule https --rule "-A INPUT -p tcp --dport 443 -j ACCEPT"
|
||||||
|
__iptables_rule munin --rule "-A INPUT -p tcp --dport 4949 -j ACCEPT"
|
||||||
0
cdist/conf/type/__panter_iptables/singleton
Normal file
0
cdist/conf/type/__panter_iptables/singleton
Normal file
Loading…
Reference in a new issue