Add ipt-server.yml for backup.oopen.de with initial firewall configuration
This commit is contained in:
@@ -0,0 +1,39 @@
|
|||||||
|
---
|
||||||
|
# ipt-firewall configuration for backup.oopen.de
|
||||||
|
# Generated by extract-fw-host-vars.py - review before committing!
|
||||||
|
# Place in: host_vars/<hostname>/ipt_firewall.yml
|
||||||
|
|
||||||
|
fw_manage_config: true
|
||||||
|
|
||||||
|
# --- Network
|
||||||
|
fw_ext_interfaces:
|
||||||
|
- "eth0"
|
||||||
|
fw_ext_ips_v4:
|
||||||
|
- "37.27.121.218"
|
||||||
|
fw_ext_ips_v6:
|
||||||
|
- "2a01:4f9:3070:2bda::218"
|
||||||
|
|
||||||
|
# --- Munin
|
||||||
|
munin_remote_ipv4: 37.27.121.227
|
||||||
|
munin_remote_ipv6: "2a01:4f9:3070:2bda::227"
|
||||||
|
|
||||||
|
# --- Access control IPv4
|
||||||
|
fw_allow_ext_service_v4: "138.201.17.150:1036:tcp o32.oopen.de:2222:tcp"
|
||||||
|
|
||||||
|
# --- Access control IPv6
|
||||||
|
fw_allow_ext_service_v6: "2a01:4f8:171:2895::2,1036,tcp o32.oopen.de,2222,tcp"
|
||||||
|
|
||||||
|
# --- HTTP
|
||||||
|
fw_http_server_ips: $ext_ips
|
||||||
|
|
||||||
|
# --- Out ports
|
||||||
|
# -
|
||||||
|
# - TCP Ports
|
||||||
|
# -
|
||||||
|
# - ssh port k1371.dyndns.org: 51372
|
||||||
|
# - ssh port k1371.homelinux.org: 51374
|
||||||
|
# -
|
||||||
|
fw_tcp_out_ports: 51372 51374
|
||||||
|
|
||||||
|
# --- Block
|
||||||
|
fw_blocked_ips: 222.184.0.0/13 61.160.0.0/16 116.8.0.0/14
|
||||||
Reference in New Issue
Block a user