132 Commits (master)

Author SHA1 Message Date
Robert "ar" Gerus e833daec81 small fixes 2013-03-23 06:32:56 +01:00
Robert "ar" Gerus 05ae772e99 Don't err with no parameters 2013-03-23 06:28:37 +01:00
Robert "ar" Gerus b649dec436 policy - ACCEPT 2013-03-23 06:26:23 +01:00
Robert "ar" Gerus bc4ce5ccee typo 2013-03-12 17:30:38 +01:00
Robert "ar" Gerus 6879b88bfd it should work now. 2013-03-12 17:28:59 +01:00
Robert "ar" Gerus 15156bc1cb fukitol. 2013-03-12 16:15:01 +01:00
Robert "ar" Gerus 65fa267c2f ehh... 2013-03-12 16:13:49 +01:00
Robert "ar" Gerus eee9b8d627 fuckitall 2013-03-12 16:12:58 +01:00
Robert "ar" Gerus 84cf596dda yeah yeah, -j ACCEPT... 2013-03-12 16:04:28 +01:00
Robert "ar" Gerus af7ff9550d swap it. 2013-03-12 16:01:51 +01:00
Robert "ar" Gerus 99a940c16a forgot about output chain. 2013-03-12 15:59:12 +01:00
Robert "ar" Gerus 0e79c8cae8 Permit local connections to DNS. 2013-03-12 15:57:14 +01:00
Robert "ar" Gerus 1186c1e5a1 permit ntp traffic to tempus1.gum.gov.pl and tempus2.gum.gov.pl from firewall 2013-03-12 13:51:28 +01:00
Robert "ar" Gerus 7c70c33a2a enable outbound http for now again. 2013-03-12 13:27:36 +01:00
Robert "ar" Gerus 67de643a77 Add bash script headers, to make editors treat rule files as bash scripts for syntax highlighting etc. 2013-03-12 10:07:06 +01:00
Robert "ar" Gerus 2b43695452 cleanup & fix 2013-03-11 22:04:48 +01:00
Robert "ar" Gerus f25b58a981 try this 2013-03-11 21:57:45 +01:00
Robert "ar" Gerus e1db34e9d9 try to use multiport match 2013-03-11 21:52:34 +01:00
Robert "ar" Gerus 0342e5de6b Now it should work 2013-03-11 21:49:16 +01:00
Robert "ar" Gerus f1e0978bf7 hmm.. 2013-03-11 21:46:08 +01:00
Robert "ar" Gerus 9c585fa543 try something else... 2013-03-11 21:38:24 +01:00
Robert "ar" Gerus f644fae1b2 Pass the ssh port through 2013-03-11 21:34:32 +01:00
Robert "ar" Gerus 4dcc88178d Block crap by default 2013-03-11 21:32:46 +01:00
Robert "ar" Gerus 8e0b26731b No second WAN ip for us... 2013-03-11 21:32:27 +01:00
Robert "ar" Gerus 3119e275d5 WAN not LAN 2013-03-11 21:14:11 +01:00
Robert "ar" Gerus 9799bf2786 test 2013-03-11 20:10:48 +01:00
Robert "ar" Gerus b9dea0611f hmm... 2013-03-11 20:08:37 +01:00
Robert "ar" Gerus 713a85ab6e Cleaned up and added rtorrent port forwards. 2013-03-11 19:16:08 +01:00
Robert "ar" Gerus 5691b6ad5f Don't need it anymore 2013-03-11 19:10:00 +01:00
Robert "ar" Gerus 3d175eb83e Cleanup. 2013-03-11 19:05:06 +01:00
Robert "ar" Gerus 56669f4136 Fix and cleanup. 2013-03-11 19:01:44 +01:00
Robert "ar" Gerus 111a104be8 Fix and cleanup. 2013-03-11 19:01:09 +01:00
Robert "ar" Gerus 8cefb0e5c5 We *probably* don't need these. 2013-03-11 18:53:21 +01:00
Robert "ar" Gerus 3a170b22ba OK, we need this one. 2013-03-11 18:48:54 +01:00
Robert "ar" Gerus 4223d37857 Add a conntrack based INPUT rule and comment-out, for now, other INPUT rules. 2013-03-11 18:45:11 +01:00
Robert "ar" Gerus 3526f0157d typo 2013-03-11 18:41:45 +01:00
Robert "ar" Gerus d5608db696 Temporarily permit outbound HTTP. 2013-03-11 18:41:17 +01:00
Robert "ar" Gerus 6964eb5087 Permit outbound connections to DNS servers. 2013-03-11 18:37:30 +01:00
Robert "ar" Gerus efee8d3df6 A small fix 2013-03-11 18:32:23 +01:00
Robert "ar" Gerus b6da2d8eac That's not needed anymore 2013-03-11 18:29:42 +01:00
Robert "ar" Gerus 8bddec4f78 change policy to DROP 2013-03-11 18:24:42 +01:00
Robert "ar" Gerus bb10835825 Add output chain rules for services. 2013-03-11 18:22:32 +01:00
Robert "ar" Gerus 174ae7e8a0 Load it at the end 2013-03-11 18:20:33 +01:00
Robert "ar" Gerus 74c5cd0b1b Don't block related or established traffic on WAN 2013-03-11 17:29:56 +01:00
Robert "ar" Gerus 1d2eeade80 Change the default policy to: reject all incoming traffic from WAN interface, leave LAN interface alone 2013-03-11 17:24:59 +01:00
Robert "ar" Gerus 33aa41f864 Neuter the default policy ruleset 2013-03-11 17:21:43 +01:00
Robert "ar" Gerus f01018683d A small fix. 2013-03-11 14:14:11 +01:00
Robert "ar" Gerus d2e9fdbe49 Typo 2013-03-11 14:11:12 +01:00
Robert "ar" Gerus 5887c025ae Permit outgoing ssh connections to amanojaku 2013-03-11 14:10:38 +01:00
Robert "ar" Gerus 0f6b9e926e Apparently only DROP and ACCEPT will work. 2013-03-11 13:25:00 +01:00