Firewall config for web server added.

author: andreas@tuxedo-six 2018-01-02 16:25:23 +0100
committer: andreas@tuxedo-six 2018-01-02 16:25:23 +0100
commit: 68e8ca58182738040fe80d8f50c33571b419f0c5 (patch)
tree: 41ef4c916501302a46d808573ede93c2609c890d
parent: 100523e2256a6d71becf7ec9ccaa0d7b9ab08ead (diff)
download: dotfiles-68e8ca58182738040fe80d8f50c33571b419f0c5.zip
dotfiles-68e8ca58182738040fe80d8f50c33571b419f0c5.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/src/firewall/rules.v4 b/src/firewall/rules.v4
index f05dd44..8a5620b 100644
--- a/src/firewall/rules.v4
+++ b/src/firewall/rules.v4
@@ -46,6 +46,14 @@
 #-A INPUT -p tcp -m state --state ESTABLISHED,RELATED --sport 80 -j ACCEPT
 #-A INPUT -p tcp -m state --state ESTABLISHED,RELATED --sport 443 -j ACCEPT
 
+# Web server (HTTPS)
+#-A INPUT -p tcp --dport 443 -j ACCEPT
+#-A OUTPUT -p tcp -m tcp --sport 443 -m state --state RELATED,ESTABLISHED -j ACCEPT
+
+# Web server (HTTP)
+#-A INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 80 -j ACCEPT
+#-A OUTPUT -p tcp -m tcp --sport 80 -m state --state RELATED,ESTABLISHED -j ACCEPT
+
 # CUPS server (only required for remote access)
 #-A INPUT -p udp --dport 631 -j ACCEPT
 #-A INPUT -p tcp --dport 631 -j ACCEPT
author	andreas@tuxedo-six	2018-01-02 16:25:23 +0100
committer	andreas@tuxedo-six	2018-01-02 16:25:23 +0100
commit	68e8ca58182738040fe80d8f50c33571b419f0c5 (patch)
tree	41ef4c916501302a46d808573ede93c2609c890d
parent	100523e2256a6d71becf7ec9ccaa0d7b9ab08ead (diff)
download	dotfiles-68e8ca58182738040fe80d8f50c33571b419f0c5.zip dotfiles-68e8ca58182738040fe80d8f50c33571b419f0c5.tar.gz