Subversion Repositories configs

Rev

Rev 133 | Rev 145 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 133 Rev 138
Line 17... Line 17...
17 
-A INPUT -p esp -m esp -i eth1 -j ACCEPT
 17 
-A INPUT -p esp -m esp -i eth1 -j ACCEPT
18 
-A INPUT -p ah -m ah -i eth1 -j ACCEPT
 18 
-A INPUT -p ah -m ah -i eth1 -j ACCEPT
19 
-A INPUT -p udp -m udp -i eth1 --dport 500 -j ACCEPT
 19 
-A INPUT -p udp -m udp -i eth1 --dport 500 -j ACCEPT
20 
-A INPUT -p tcp -m tcp -i eth1 --dport 443 -j LOG_ACCEPT
 20 
-A INPUT -p tcp -m tcp -i eth1 --dport 443 -j LOG_ACCEPT
21 
-A INPUT -p udp -m udp -i eth1 --dport 1194 -j ACCEPT
 21 
-A INPUT -p udp -m udp -i eth1 --dport 1194 -j ACCEPT
- 
 
 22 
# letsencrypt certificate renewal
22 
-A INPUT -p tcp -m tcp -i eth1 --dport 80 -j LOG_REJECT
 23 
-A INPUT -p tcp -m tcp -i eth1 --dport 80 -j LOG_ACCEPT
23 
-A INPUT -p tcp -m tcp -i eth1 --dport 8080 -j LOG_REJECT
 24 
-A INPUT -p tcp -m tcp -i eth1 --dport 8080 -j LOG_REJECT
24 
-A INPUT -p tcp -m tcp -i eth1 --dport 25 -j LOG_REJECT
 25 
-A INPUT -p tcp -m tcp -i eth1 --dport 25 -j LOG_REJECT
25 
-A INPUT -p tcp -m tcp -i eth1 --dport 22 -j LOG_REJECT
 26 
-A INPUT -p tcp -m tcp -i eth1 --dport 22 -j LOG_REJECT
26 
-A INPUT -p tcp -m tcp -i eth1 --dport 53 -j LOG_REJECT
 27 
-A INPUT -p tcp -m tcp -i eth1 --dport 53 -j LOG_REJECT
27 
-A INPUT -p tcp -m tcp -i eth1 --dport 111 -j LOG_REJECT
 28 
-A INPUT -p tcp -m tcp -i eth1 --dport 111 -j LOG_REJECT
Line 69... Line 70...
69 
:PREROUTING ACCEPT [9:1101]
 70 
:PREROUTING ACCEPT [9:1101]
70 
:POSTROUTING ACCEPT [14:962]
 71 
:POSTROUTING ACCEPT [14:962]
71 
:OUTPUT ACCEPT [14:962]
 72 
:OUTPUT ACCEPT [14:962]
72 
 
 73 
 
73 
# Webserver
 74 
# Webserver
- 
 
 75 
# letsencrypt certificate renewal
74 
#-A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to-destination 10.192.25.240:80
 76 
-A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to-destination 10.192.25.240:443
- 
 
 77 
# https
75 
-A PREROUTING -i eth1 -p tcp --dport 443 -j DNAT --to-destination 10.192.25.240:443
 78 
-A PREROUTING -i eth1 -p tcp --dport 443 -j DNAT --to-destination 10.192.25.240:443
76 
 
 79 
 
77 
-A PREROUTING -i eth0 -d 72.219.238.135 -p tcp --dport 80 -j DNAT --to-destination 10.192.25.240:80
 80 
-A PREROUTING -i eth0 -d 72.219.238.135 -p tcp --dport 80 -j DNAT --to-destination 10.192.25.240:80
78 
-A PREROUTING -i eth0 -d 72.219.238.135 -p tcp --dport 443 -j DNAT --to-destination 10.192.25.240:443
 81 
-A PREROUTING -i eth0 -d 72.219.238.135 -p tcp --dport 443 -j DNAT --to-destination 10.192.25.240:443
79 
 
 82