coimbrap
/
projet_serveur_krkn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Durcissement krkn

master
Pierre Coimbra 2019-10-28 14:18:04 +01:00
parent 0f368e9e96
commit dc5eecd885
No known key found for this signature in database
GPG Key ID: F9C449C78F6FAEE6
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
infra/shorewall/shorewall_alpha.md
View File

@ -37,8 +37,6 @@ $FW coro ACCEPT
krkn net ACCEPT
ext net ACCEPT
int net ACCEPT
krkn int ACCEPT
krkn ext ACCEPT
ext krkn DROP info
net all DROP info
@ -67,11 +65,15 @@ SSH(ACCEPT) net all
SSH(ACCEPT) $FW int
#Nécessaire pour l'initialisation du corosync
ACCEPT coro $FW icmp
ACCEPT coro $FW icmp
ACCEPT $FW krkn icmp
ACCEPT $FW ext icmp
ACCEPT $FW net icmp
ACCEPT krkn int tcp 80,443
ACCEPT krkn ext tcp 80,443
ACCEPT net $FW tcp 8006
```
### /etc/shorewall/snat
Configuration SNAT permettant de faire du "masquerading", ainsi les paquets qui sortent des CT LXC ont comme IP source, l'IP de l'interface externe _eth0_.