coimbrap/projet_serveur_krkn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Durcissement krkn

Browse Source
This commit is contained in:
Pierre Coimbra
2019-10-28 14:18:04 +01:00
committed by Pierre Coimbra
parent cc9aee0b7b
commit 699f868bcc
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
infra/shorewall/shorewall_alpha.md
View File

@@ -37,8 +37,6 @@ $FW coro ACCEPT
krkn net ACCEPT
ext net ACCEPT
int net ACCEPT
krkn int ACCEPT
krkn ext ACCEPT
ext krkn DROP info
net all DROP info
@@ -67,11 +65,15 @@ SSH(ACCEPT) net all
SSH(ACCEPT) $FW int
#Nécessaire pour l'initialisation du corosync
ACCEPT coro $FW icmp
ACCEPT coro $FW icmp
ACCEPT $FW krkn icmp
ACCEPT $FW ext icmp
ACCEPT $FW net icmp
ACCEPT krkn int tcp 80,443
ACCEPT krkn ext tcp 80,443
ACCEPT net $FW tcp 8006
```
### /etc/shorewall/snat
Configuration SNAT permettant de faire du "masquerading", ainsi les paquets qui sortent des CT LXC ont comme IP source, l'IP de l'interface externe _eth0_.