From d57ddacf1935302793b7e11f5ab1ea8fbda51a09 Mon Sep 17 00:00:00 2001 From: Christian Heller <c.heller@plomlompom.de> Date: Fri, 23 Nov 2018 01:24:29 +0100 Subject: [PATCH] WIP. --- .../linkable_etc_files/server/etc/iptables/rules.v4 | 11 +++++++++++ all_new_2018/setup_server.sh | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4 diff --git a/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4 b/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4 new file mode 100644 index 0000000..f568789 --- /dev/null +++ b/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4 @@ -0,0 +1,11 @@ +*filter +:INPUT DROP [0:0] +:FORWARD DROP [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -i lo -j ACCEPT +-A INPUT -p icmp -j ACCEPT +-A INPUT -p tcp --dport 22 -j ACCEPT +-A INPUT -p tcp --dport 443 -j ACCEPT +-A INPUT -p tcp --dport 80 -j ACCEPT +-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT +COMMIT \ No newline at end of file diff --git a/all_new_2018/setup_server.sh b/all_new_2018/setup_server.sh index a4f8599..e4fbaa2 100755 --- a/all_new_2018/setup_server.sh +++ b/all_new_2018/setup_server.sh @@ -11,7 +11,7 @@ fi hostname="$1" fqdn="$2" -# Adapt /etc/ to our needs by symlinking into ./linkable_etc_files. This +# Adapt /etc/ to our needs by hardlinking into ./linkable_etc_files. This # will set basic configurations affecting following steps, such as setup # of APT and the locale selection, so needs to be right at the beginning. ./hardlink_etc.sh all server -- 2.30.2