Remove port 443 workaround for blocked SSH port; too rare an issue.
author
Christian Heller
<c.heller@plomlompom.de>
Sun, 2 Dec 2018 00:17:59 +0000
(
01:17
+0100)
committer
Christian Heller
<c.heller@plomlompom.de>
Sun, 2 Dec 2018 00:17:59 +0000
(
01:17
+0100)
all_new_2018/linkable_etc_files/mail/etc/iptables/rules.v4
all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4
all_new_2018/linkable_etc_files/server/etc/ssh/sshd_config
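diff --git a/all_new_2018/linkable_etc_files/mail/etc/iptables/rules.v4 b/all_new_2018/linkable_etc_files/mail/etc/iptables/rules.v4
index 7fb42792e0ddb68cde9554f83c1f0fb06e447cf7..295032129c2104364c9c44ac2907346228392b3f 100644
--- a/all_new_2018/linkable_etc_files/mail/etc/iptables/rules.v4
+++ b/all_new_2018/linkable_etc_files/mail/etc/iptables/rules.v4
@@ -10,8 +10,6 @@
 -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
 # SSH
 -A INPUT -p tcp --dport 22 -j ACCEPT
-# HTTPS in theory, in practice my second SSH port, see sshd_config
--A INPUT -p tcp --dport 443 -j ACCEPT
 # SMTP (allowing for STARTTLS); necessary for mail server to mail server banter
 -A INPUT -p tcp --dport 25 -j ACCEPT
 # SMTPS, for mail server to mail user agent communication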
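diff --git a/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4 b/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4
index 6899ef68078f8ff4aacf9819a04d516858b91e19..8e0b1f6914be55c4a6e551b7f088a29f26579c81 100644
--- a/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4
+++ b/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4
@@ -10,7 +10,5 @@
 -A INPUT -p icmp -j ACCEPT
 # SSH
 -A INPUT -p tcp --dport 22 -j ACCEPT
-# HTTPS in theory, in practice my second SSH port, see sshd_config
--A INPUT -p tcp --dport 443 -j ACCEPT
 COMMIT
 # this last line is here because iptables-restore ignores the final command if no newline follows it
\ No newline at end of file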
diff --git
a/all_new_2018/linkable_etc_files/server/etc/ssh/sshd_config
b/all_new_2018/linkable_etc_files/server/etc/ssh/sshd_config
index c3d8c6a02b5699ec90a96c5e748a0b2786e4fe92..89d08acde978ec478dfcc8b117559af4e1d7a34e 100644
(file)
--- a/
all_new_2018/linkable_etc_files/server/etc/ssh/sshd_config
+++ b/
all_new_2018/linkable_etc_files/server/etc/ssh/sshd_config
@@
-11,7
+11,6
@@
# default value.
Port 22
# default value.
Port 22
-Port 443 # plomlompom: used for networks where 22 is banned
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::