TWiki>
Main Web>TWikiUsers>OlgaNovgorodova>TestBenchSetupDresden>VPNserverSettings>FileIPTables (2013-11-21, OlgaNovgorodova)
EditAttachPDF
Main Web>TWikiUsers>OlgaNovgorodova>TestBenchSetupDresden>VPNserverSettings>FileIPTables (2013-11-21, OlgaNovgorodova) EditAttachPDF
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
#avahi
#-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
#cups
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#
# largrod3.unige.ch
# -A RH-Firewall-1-INPUT -s 129.194.53.189 -j ACCEPT
# scpc00.unige.ch
# -A RH-Firewall-1-INPUT -s 129.194.50.71 -j ACCEPT
# scpc30.unige.ch
# -A RH-Firewall-1-INPUT -s 129.194.49.90 -j ACCEPT
# portable Bertrand
# -A RH-Firewall-1-INPUT -s 129.194.50.172 -j ACCEPT
# machine LAPP
#-A RH-Firewall-1-INPUT -s 134.158.97.113 -j ACCEPT
#-A RH-Firewall-1-INPUT -s 134.158.0.0/16 -j ACCEPT
# portable Bertrand local
-A RH-Firewall-1-INPUT -s 192.168.123.4 -j ACCEPT
# Tout le sous-reseau local
-A RH-Firewall-1-INPUT -s 192.168.123.0/24 -j ACCEPT
# PC Yann
# -A RH-Firewall-1-INPUT -s 178.18.57.140 -j ACCEPT
# pktlogin.phy.tu-dresden.de
-A RH-Firewall-1-INPUT -s 141.30.85.34 -j ACCEPT
-A RH-Firewall-1-INPUT -s 141.30.85.36 -j ACCEPT
# vpnserver
-A RH-Firewall-1-INPUT -s 192.168.3.31 -j ACCEPT
# vpnserver assigned ip addresses
-A RH-Firewall-1-INPUT -s 10.50.216.0/24 -j ACCEPT
#NFS
#-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
#
#tftp
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 69 -j ACCEPT
#ssh
#-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
#afs
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 7001 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
-- OlgaNovgorodova - 21 Nov 2013
Edit | Attach | Topic revision: r1 - 2013-11-21 - OlgaNovgorodova
Home
Index
Search
Changes
Notifications
RSS Feed
Documentation
SupportWebs
Main
Main Archive
Plugins
Sandbox for tests
- ABATBEA
- ACPP
- ADCgroup
- AEGIS
- AfricaMap
- AgileInfrastructure
- ALICE
- AliceEbyE
- AliceSPD
- AliceSSD
- AliceTOF
- AliFemto
- ALPHA
- Altair
- ArdaGrid
- ASACUSA
- AthenaFCalTBAna
- Atlas
- AtlasLBNL
- AXIALPET
- CAE
- CALICE
- CDS
- CENF
- CERNSearch
- CLIC
- Cloud
- CloudServices
- CMS
- Controls
- CTA
- CvmFS
- DB
- DefaultWeb
- DESgroup
- DPHEP
- DM-LHC
- DSSGroup
- EGEE
- EgeePtf
- ELFms
- EMI
- ETICS
- FIOgroup
- FlukaTeam
- Frontier
- Gaudi
- GeneratorServices
- GuidesInfo
- HardwareLabs
- HCC
- HEPIX
- ILCBDSColl
- ILCTPC
- IMWG
- Inspire
- IPv6
- IT
- ItCommTeam
- ITCoord
- ITdeptTechForum
- ITDRP
- ITGT
- ITSDC
- LAr
- LCG
- LCGAAWorkbook
- Leade
- LHCAccess
- LHCAtHome
- LHCb
- LHCgas
- LHCONE
- LHCOPN
- LinuxSupport
- Main
- Medipix
- Messaging
- MPGD
- NA49
- NA61
- NA62
- NTOF
- Openlab
- PDBService
- Persistency
- PESgroup
- Plugins
- PSAccess
- PSBUpgrade
- R2Eproject
- RCTF
- RD42
- RFCond12
- RFLowLevel
- ROXIE
- Sandbox
- SocialActivities
- SPI
- SRMDev
- SSM
- Student
- SuperComputing
- Support
- SwfCatalogue
- TMVA
- TOTEM
- TWiki
- UNOSAT
- Virtualization
- VOBox
- WITCH
- XTCA
Welcome Guest Login or Register
 |
|
Copyright &© 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback