Download as
Browse Code »

Commit 6fe07f3597e5317f8f85cca4008e96dab3035365

Authored by Sergio Oliveira
1 parent da04baca
Exists in master and in 36 other branches add_super_archives_plugin, automates_core_packing, changes_in_buttons_on_content_panel, colab_fix_automatic_group_creation_bug, gitlab-8.x, gov-user-refactoring, gov-user-refactoring-rails4, gov-user-to-organization, high_contrast, high_contrast_style, institution_modal_on_rating, kalibro-conf-refactoring, kalibro-processor-package, mezuro_spb, packaging_colab_plugins, performance, refactor_software_communities, refactor_software_communities_rails4, refactor_software_for_sisp, refactor_software_info_to_software, register_page, remove-unused-images, removing_super_archives_email, restore, signals_user_noosfero, software_as_organization, spb_minimal_env, stable-4.1, stable-4.2, stable-4.x, stable-5.0, stable-5.1, stable-devel, temp_soft_comm_refactoring, theme_header, thread_page

Added missing lines to allow port redirects

Showing 1 changed file with 5 additions and 0 deletions   Show diff stats
utils/reverseproxy_ssh_setup
  Diff comments   View file @6fe07f3
... ... @@ -31,3 +31,8 @@ systemctl restart sshd
31 31 iptables -t nat -A PREROUTING -d $reverseproxy_ip/32 -p tcp -m tcp --dport 22 -j DNAT --to-destination $integration_ip:22
32 32 iptables -t nat -A POSTROUTING -d $integration_ip/32 -p tcp -m tcp --dport 22 -j SNAT --to-source $reverseproxy_ip
33 33 sysctl -w net.ipv4.ip_forward=1
  34 +
  35 +# Allow port redirects
  36 +iptables -t filter -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
  37 +iptables -t filter -A FORWARD -p tcp -d $integration_ip --dport 22 -j ACCEPT
  38 +iptables -t filter -A FORWARD -s $integration_ip -p tcp --sport 22 -j ACCEPT
... ...