firewall/ipt-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add rule to prevent LX containers from firewalld on host system.

Browse Source
This commit is contained in:
Christoph
2023-05-02 20:45:27 +02:00
parent a2ba79185d
commit ff098ac058
6 changed files with 107 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
conf/interfaces_ipv4.conf.sample
View File

@ -33,7 +33,7 @@ local_ifs="$local_if_1 $local_if_2 $local_if_3"
# -------------
# --- Network Interfaces
# --- IP-Addresses
# -------------
# - Extern IP Addresses on this Host
@ -55,6 +55,30 @@ local_2_ip=""
local_2_ip=""
# -------------
# --- IP-Addresses LXC Guest sSystems
# -------------
# for _guest in $(lxc-ls) ; do echo ; lxc-info -n $_guest | grep -E "(IP:|Name:)" ; done
# NOT IN USE
lxc_guest_1_ip=""
# NOT IN USE
lxc_guest_2_ip=""
# NOT IN USE
lxc_guest_3_ip=""
# NOT IN USE
lxc_guest_4_ip=""
# NOT IN USE
lxc_guest_5_ip=""
# NOT IN USE
lxc_guest_6_ip=""
# NOT IN USE
lxc_guest_7_ip=""
lxc_guest_ips="$lxc_guest_1_ip $lxc_guest_2_ip $lxc_guest_3_ip $lxc_guest_4_ip $lxc_guest_5_ip $lxc_guest_6_ip $lxc_guest_7_ip"
# - Devices given in list "nat_devices" will be natted
# -
# - Blank separated list

24
conf/interfaces_ipv6.conf.sample
View File

@ -55,6 +55,30 @@ local_2_ip=""
local_2_ip=""
# -------------
# --- IP-Addresses LXC Guest sSystems
# -------------
# for _guest in $(lxc-ls) ; do echo ; lxc-info -n $_guest | grep -E "(IP:|Name:)" ; done
# NOT IN USE
lxc_guest_1_ip=""
# NOT IN USE
lxc_guest_2_ip=""
# NOT IN USE
lxc_guest_3_ip=""
# NOT IN USE
lxc_guest_4_ip=""
# NOT IN USE
lxc_guest_5_ip=""
# NOT IN USE
lxc_guest_6_ip=""
# NOT IN USE
lxc_guest_7_ip=""
lxc_guest_ips="$lxc_guest_1_ip $lxc_guest_2_ip $lxc_guest_3_ip $lxc_guest_4_ip $lxc_guest_5_ip $lxc_guest_6_ip $lxc_guest_7_ip"
# - Devices given in list "nat_devices" will be natted
# -
# - Blank separated list

9
conf/main_ipv4.conf.sample
View File

@ -20,6 +20,15 @@
do_not_firewall_bridged_traffic=false
# -------------
# --- Do not firewall traffic from and to LX Gust Systems
# -------------
# - Traffic to hosted LX containers are not firewalled here.
# -
do_not_firewall_lx_guest_systems=true
# -------------
# --- Drop ICMP
# -------------

9
conf/main_ipv6.conf.sample
View File

@ -20,6 +20,15 @@
do_not_firewall_bridged_traffic=false
# -------------
# --- Do not firewall traffic from and to LX Gust Systems
# -------------
# - Traffic to hosted LX containers are not firewalled here.
# -
do_not_firewall_lx_guest_systems=true
# -------------
# --- Drop ICMP
# -------------