diff options
| author | LUXEY Adrien <adrien.luxey@inria.fr> | 2021-03-23 17:09:09 +0100 |
|---|---|---|
| committer | LUXEY Adrien <adrien.luxey@inria.fr> | 2021-03-23 17:09:09 +0100 |
| commit | 6f09e7de1c053ff33daad161b5e62e6b31638c53 (patch) | |
| tree | cf4e4660fcc7098ce1759326b5a0df0d46d3ef37 /os/config/roles/network/templates | |
| parent | 5126868e30960ef77af8b87357d1fd8646972397 (diff) | |
| parent | 7277927ea31ea66f1a3b186423ba59fac2d30d0f (diff) | |
| download | infrastructure-6f09e7de1c053ff33daad161b5e62e6b31638c53.tar.gz infrastructure-6f09e7de1c053ff33daad161b5e62e6b31638c53.zip | |
Merge branch 'hammerhead_install' into main
Diffstat (limited to 'os/config/roles/network/templates')
| -rw-r--r-- | os/config/roles/network/templates/rules.v4 | 4 | ||||
| -rw-r--r-- | os/config/roles/network/templates/rules.v6 | 4 |
2 files changed, 5 insertions, 3 deletions
diff --git a/os/config/roles/network/templates/rules.v4 b/os/config/roles/network/templates/rules.v4 index a5f138b..8ccaed7 100644 --- a/os/config/roles/network/templates/rules.v4 +++ b/os/config/roles/network/templates/rules.v4 @@ -7,10 +7,10 @@ -A INPUT -p icmp -j ACCEPT # Administration --A INPUT -p tcp --dport 22 -j ACCEPT +-A INPUT -p tcp --dport {{ ssh_port }} -j ACCEPT # Diplonat needs everything open to communicate with IGD with the router --A INPUT -s 192.168.1.254 -j ACCEPT +-A INPUT -s {{ gatewayv4 }} -j ACCEPT # Cluster {% for selected_host in groups['cluster_nodes'] %} diff --git a/os/config/roles/network/templates/rules.v6 b/os/config/roles/network/templates/rules.v6 index e2b94ea..6977f02 100644 --- a/os/config/roles/network/templates/rules.v6 +++ b/os/config/roles/network/templates/rules.v6 @@ -13,7 +13,7 @@ -A INPUT -p ipv6-icmp -j ACCEPT # Administration --A INPUT -p tcp --dport 22 -j ACCEPT +-A INPUT -p tcp --dport {{ ssh_port }} -j ACCEPT # Cluster {% for selected_host in groups['cluster_nodes'] %} @@ -36,6 +36,8 @@ -A DEUXFLEURS-TRUSTED-NET -s 2a02:8428:81d6:6901::0/64 -j DEUXFLEURS-TRUSTED-PORT # ADRN@Gandi -A DEUXFLEURS-TRUSTED-NET -s 2001:4b98:dc0:41:216:3eff:fe9b:1afb/128 -j DEUXFLEURS-TRUSTED-PORT +# ADRN@Kimsufi +-A DEUXFLEURS-TRUSTED-NET -s 2001:41d0:8:ba0b::1/64 -j DEUXFLEURS-TRUSTED-PORT # Quentin@Rennes -A DEUXFLEURS-TRUSTED-NET -s 2a01:e35:2fdc:dbe0::0/64 -j DEUXFLEURS-TRUSTED-PORT # Source address is not trusted |