Author: eelco
Date: Wed Mar 9 16:55:09 2011
New Revision: 26237
URL: https://svn.nixos.org/websvn/nix/?rev=26237&sc=1
Log:
* Enable the firewall on cartman.
Modified:
configurations/trunk/tud/cartman.nix
Modified: configurations/trunk/tud/cartman.nix
==============================================================================
--- configurations/trunk/tud/cartman.nix Wed Mar 9 16:37:16 2011
(r26236)
+++ configurations/trunk/tud/cartman.nix Wed Mar 9 16:55:09 2011
(r26237)
@@ -84,6 +84,12 @@
extraHosts = "192.168.1.5 cartman";
+ firewall.enable = true;
+ firewall.allowedTCPPorts = [ 80 443 10051 ];
+ firewall.allowedUDPPorts = [ 53 67 ];
+ firewall.rejectPackets = true;
+ firewall.allowPing = true;
+
localCommands =
''
# Provide NATting for the build machines on 192.168.1.*.
@@ -102,7 +108,7 @@
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source
${myIP}
# lucifer ssh (to give Karl/Armijn access for the BAT project)
- iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 22222 -j DNAT
--to 192.168.1.25:22
+ #iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 22222 -j DNAT
--to 192.168.1.25:22
echo 1 > /proc/sys/net/ipv4/ip_forward
_______________________________________________
nix-commits mailing list
[email protected]
http://mail.cs.uu.nl/mailman/listinfo/nix-commits
