diff options
author | andreas@tuxedo-six | 2018-01-02 16:25:23 +0100 |
---|---|---|
committer | andreas@tuxedo-six | 2018-01-02 16:25:23 +0100 |
commit | 68e8ca58182738040fe80d8f50c33571b419f0c5 (patch) | |
tree | 41ef4c916501302a46d808573ede93c2609c890d | |
parent | 100523e2256a6d71becf7ec9ccaa0d7b9ab08ead (diff) | |
download | dotfiles-68e8ca58182738040fe80d8f50c33571b419f0c5.zip dotfiles-68e8ca58182738040fe80d8f50c33571b419f0c5.tar.gz |
Firewall config for web server added.
-rw-r--r-- | src/firewall/rules.v4 | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/firewall/rules.v4 b/src/firewall/rules.v4 index f05dd44..8a5620b 100644 --- a/src/firewall/rules.v4 +++ b/src/firewall/rules.v4 @@ -46,6 +46,14 @@ #-A INPUT -p tcp -m state --state ESTABLISHED,RELATED --sport 80 -j ACCEPT #-A INPUT -p tcp -m state --state ESTABLISHED,RELATED --sport 443 -j ACCEPT +# Web server (HTTPS) +#-A INPUT -p tcp --dport 443 -j ACCEPT +#-A OUTPUT -p tcp -m tcp --sport 443 -m state --state RELATED,ESTABLISHED -j ACCEPT + +# Web server (HTTP) +#-A INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 80 -j ACCEPT +#-A OUTPUT -p tcp -m tcp --sport 80 -m state --state RELATED,ESTABLISHED -j ACCEPT + # CUPS server (only required for remote access) #-A INPUT -p udp --dport 631 -j ACCEPT #-A INPUT -p tcp --dport 631 -j ACCEPT |