coimbrap/projet_serveur_krkn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Corrections et mise à jour

Browse Source
This commit is contained in:
Pierre Coimbra
2020-03-05 07:21:54 +01:00
parent 4ef032f0f2
commit 501c84ce42
6 changed files with 34 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
deploiement/sources/zone_dmz/ferm/dns_ferm.conf
View File

@@ -32,6 +32,10 @@
@def $UDP_OPEN_PORT_BACK_ACCESS = ();
# Besoin de VRRP sur IF_VRRP
@def $NEED_VRRP = 0; #0 pour NON 1 pour OUI
@def $IF_VRRP = eth0;
table filter {
chain INPUT {
policy DROP;
@@ -44,6 +48,10 @@ table filter {
interface $IF_FRONT proto tcp dport $OPEN_PORT_FRONT_REQUEST ACCEPT;
}
@if $NEED_VRRP {
interface $IF_VRRP proto vrrp ACCEPT;
}
@if $NEED_UDP_FRONT_REQUEST {
interface $IF_FRONT proto udp dport $UDP_OPEN_PORT_FRONT_REQUEST ACCEPT;
}
@@ -71,6 +79,10 @@ table filter {
outerface $IF_FRONT proto tcp dport $OPEN_PORT_FRONT_ACCESS ACCEPT;
}
@if $NEED_VRRP {
outerface $IF_VRRP proto vrrp ACCEPT;
}
@if $NEED_UDP_FRONT_ACCESS {
outerface $IF_BACK proto udp dport $UDP_OPEN_PORT_FRONT_ACCESS ACCEPT;
}