author | Brent Bloxam <brent.bloxam@gmail.com> | 2012-03-20 13:21:51 -0400 |
---|---|---|
committer | Sol Jerome <sol.jerome@gmail.com> | 2012-03-20 13:48:04 -0500 |
commit | 7c6b388bdcd956e0d5bc58175655346393ea1ca0 (patch) | |
tree | 624c1b1b17100fe6e423fa12062b544045c1a348 /doc | |
parent | 9db7adf03ca47d26f74f20a72542beae153b21f7 (diff) | |
download | bcfg2-7c6b388bdcd956e0d5bc58175655346393ea1ca0.tar.gz bcfg2-7c6b388bdcd956e0d5bc58175655346393ea1ca0.tar.bz2 bcfg2-7c6b388bdcd956e0d5bc58175655346393ea1ca0.zip |
Fixed further inconsistencies in template examples
(cherry picked from commit 3acdc302d2faa196c0df46a7ba300d7d4ec8564b)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/server/plugins/generators/tgenshi/iptables.txt | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/doc/server/plugins/generators/tgenshi/iptables.txt b/doc/server/plugins/generators/tgenshi/iptables.txt
index afdbcf864..310f9ffab 100644
--- a/doc/server/plugins/generators/tgenshi/iptables.txt
+++ b/doc/server/plugins/generators/tgenshi/iptables.txt
@@ -64,7 +64,6 @@ iptables
 :FORWARD DROP [0:0]
 :OUTPUT ACCEPT [0:0]
 :NO-SMTP - [0:0]
- :SSH - [0:0]
 #Default rules
 #discard malicious packets
@@ -84,13 +83,14 @@ iptables
 -A NO-SMTP -j DROP
 # Allow SSH Access
- -A INPUT -p tcp -m state --state NEW -m tcp --tcp-flags FIN,SYN,RST,ACK SYN --dport 22 -j SSH
- -A SSH -s 192.168.0.0/255.255.0.0 -j ACCEPT
+ :SSH - [0:0]
+ -A INPUT -p tcp -m state --state NEW -m tcp --tcp-flags FIN,SYN,RST,ACK SYN --dport 22 -j SSH
+ -A SSH -s 192.168.0.0/255.255.0.0 -j ACCEPT
 # Allow Ganglia Access
 -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT
 # Gmetad access to gmond
- -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT
+ -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT
 # Gmond UDP multicast
 -A INPUT -m state --state NEW -m udp -p udp --dport 8649 -j ACCEPT
@@ -245,20 +245,20 @@ that looks like the following::
 # Allow SSH Access
 :SSH - [0:0]
- -A INPUT -p tcp -m state --state NEW -m tcp --tcp-flags FIN,SYN,RST,ACK SYN --dport 22 -j SSH
- -A SSH -s 192.168.0.0/255.255.0.0 -j ACCEPT
+ -A INPUT -p tcp -m state --state NEW -m tcp --tcp-flags FIN,SYN,RST,ACK SYN --dport 22 -j SSH
+ -A SSH -s 192.168.0.0/255.255.0.0 -j ACCEPT
 # Allow Ganglia Access
 -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT
 #Gmetad access to gmond
- -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT
+ -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT
 #Gmond UDP multicast
 -A INPUT -m state --state NEW -m udp -p udp --dport 8649 -j ACCEPT
 # group custom FILTER rules:
 :MYSQL - [0:0]
- -A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 --tcp-flags FIN,SYN,RST,ACK SYN -j MYSQL
- -A MYSQL -s 192.168.0.0/255.0.0.0 -j ACCEPT
+ -A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 --tcp-flags FIN,SYN,RST,ACK SYN -j MYSQL
+ -A MYSQL -s 192.168.0.0/255.255.0.0 -j ACCEPT
 # host-specific FILTER rules: |