Add openstack firewall config module

author: Simon Rettberg 2014-01-21 15:39:25 +0100
committer: Simon Rettberg 2014-01-21 15:39:25 +0100
commit: 85aefd0470e48c904c115e56c47876ee17dc900d (patch)
tree: 7ed5040db68e1b4390547c96b70f858427eced51 /server/modules/openstack-firewall/opt/openslx
parent: <freiburg config> Add nslcd startup (diff)
download: tm-scripts-85aefd0470e48c904c115e56c47876ee17dc900d.tar.gz
tm-scripts-85aefd0470e48c904c115e56c47876ee17dc900d.tar.xz
tm-scripts-85aefd0470e48c904c115e56c47876ee17dc900d.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/server/modules/openstack-firewall/opt/openslx/iptables/rules.d/60-openstack-firewall b/server/modules/openstack-firewall/opt/openslx/iptables/rules.d/60-openstack-firewall
new file mode 100755
index 00000000..136f5c38
--- /dev/null
+++ b/server/modules/openstack-firewall/opt/openslx/iptables/rules.d/60-openstack-firewall
@@ -0,0 +1,10 @@
+#!/bin/ash
+
+# VNC
+iptables -A INPUT -i br0 -p tcp -s 10.4.9.73 --dport 5900:5999 -j ACCEPT
+iptables -A INPUT -i br0 -p tcp --dport 5900:5999 -j REJECT
+
+# KVM
+iptables -A INPUT -i br0 -p tcp -s 132.230.4.0/24 --dport 16509 -j ACCEPT
+iptables -A INPUT -i br0 -p tcp --dport 16509 -j REJECT
+
author	Simon Rettberg	2014-01-21 15:39:25 +0100
committer	Simon Rettberg	2014-01-21 15:39:25 +0100
commit	85aefd0470e48c904c115e56c47876ee17dc900d (patch)
tree	7ed5040db68e1b4390547c96b70f858427eced51 /server/modules/openstack-firewall/opt/openslx
parent	<freiburg config> Add nslcd startup (diff)
download	tm-scripts-85aefd0470e48c904c115e56c47876ee17dc900d.tar.gz tm-scripts-85aefd0470e48c904c115e56c47876ee17dc900d.tar.xz tm-scripts-85aefd0470e48c904c115e56c47876ee17dc900d.zip