aboutsummaryrefslogtreecommitdiff
path: root/os/config/roles/network
diff options
context:
space:
mode:
Diffstat (limited to 'os/config/roles/network')
-rw-r--r--os/config/roles/network/templates/rules.v44
-rw-r--r--os/config/roles/network/templates/rules.v64
2 files changed, 5 insertions, 3 deletions
diff --git a/os/config/roles/network/templates/rules.v4 b/os/config/roles/network/templates/rules.v4
index a5f138b..83f5348 100644
--- a/os/config/roles/network/templates/rules.v4
+++ b/os/config/roles/network/templates/rules.v4
@@ -7,10 +7,10 @@
-A INPUT -p icmp -j ACCEPT
# Administration
--A INPUT -p tcp --dport 22 -j ACCEPT
+-A INPUT -p tcp --dport {{ hostvars[selected_host]['ssh_port'] }} -j ACCEPT
# Diplonat needs everything open to communicate with IGD with the router
--A INPUT -s 192.168.1.254 -j ACCEPT
+-A INPUT -s {{ hostvars[selected_host]['gatewayv4'] }} -j ACCEPT
# Cluster
{% for selected_host in groups['cluster_nodes'] %}
diff --git a/os/config/roles/network/templates/rules.v6 b/os/config/roles/network/templates/rules.v6
index e2b94ea..eace08e 100644
--- a/os/config/roles/network/templates/rules.v6
+++ b/os/config/roles/network/templates/rules.v6
@@ -13,7 +13,7 @@
-A INPUT -p ipv6-icmp -j ACCEPT
# Administration
--A INPUT -p tcp --dport 22 -j ACCEPT
+-A INPUT -p tcp --dport {{ hostvars[selected_host]['ssh_port'] }} -j ACCEPT
# Cluster
{% for selected_host in groups['cluster_nodes'] %}
@@ -36,6 +36,8 @@
-A DEUXFLEURS-TRUSTED-NET -s 2a02:8428:81d6:6901::0/64 -j DEUXFLEURS-TRUSTED-PORT
# ADRN@Gandi
-A DEUXFLEURS-TRUSTED-NET -s 2001:4b98:dc0:41:216:3eff:fe9b:1afb/128 -j DEUXFLEURS-TRUSTED-PORT
+# ADRN@Kimsufi
+-A DEUXFLEURS-TRUSTED-NET -s 2001:41d0:8:ba0b::1/64 -j DEUXFLEURS-TRUSTED-PORT
# Quentin@Rennes
-A DEUXFLEURS-TRUSTED-NET -s 2a01:e35:2fdc:dbe0::0/64 -j DEUXFLEURS-TRUSTED-PORT
# Source address is not trusted
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-03 22:34:22 +0000