
outgoing http added for nagios checks

master
Dirk Alders 9 months ago
parent
commit
f1290d7ca4
2 changed files with 2 additions and 1 deletions
  1. 1
    1
      ipt-static-ruleset
  2. 1
    0
      rules.v4

+ 1
- 1
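--- a/ipt-static-ruleset
+++ b/ipt-static-ruleset
@@ -16,7 +16,7 @@
 
 # Allow some usefull outgoing traffic for all VLANS (ssh)
 sudo iptables -A OUTPUT -j ACCEPT -p tcp --dport 22 -m comment --comment "accept outgoing ssh"
-
+sudo iptables -A OUTPUT -j ACCEPT -p tcp --dport 80 -m comment --comment "accept outgoing http"
 
 # Allow established and related trafic
 sudo iptables -A INPUT -j ACCEPT -m conntrack --ctstate ESTABLISHED,RELATED -m comment --comment "accept all incomming established and related trafic"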
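Review bot: The new OUTPUT rule for `--dport 80` accepts plain HTTP to any destination on every interface, although the commit title says it is only needed for nagios checks; the same unscoped rule is added to rules.v4. Consider limiting it to the monitored hosts, e.g. `sudo iptables -A OUTPUT -j ACCEPT -p tcp --dport 80 -d <MONITORED_NET> -m comment --comment "accept outgoing http for nagios checks"` (`<MONITORED_NET>` is a placeholder for the real address range), or to the monitoring account with `-m owner --uid-owner <NAGIOS_USER>`. If the wide scope is intentional, a why-comment would help, since unrestricted egress on 80 is exactly what an outbound filter normally exists to prevent. The section comment above the rule still reads `(ssh)` and should mention http as well.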

+ 1
- 0
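--- a/rules.v4
+++ b/rules.v4
@@ -33,6 +33,7 @@
 -A OUTPUT -p tcp -m tcp --dport 53 -m comment --comment "accept outgoing dns" -j ACCEPT
 -A OUTPUT -p udp -m udp --dport 123 -m comment --comment "accept outgoing ntp" -j ACCEPT
 -A OUTPUT -p tcp -m tcp --dport 22 -m comment --comment "accept outgoing ssh" -j ACCEPT
+-A OUTPUT -p tcp -m tcp --dport 80 -m comment --comment "accept outgoing http" -j ACCEPT
 -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "accept all outgoing established and related trafic" -j ACCEPT
 -A OUTPUT -o lo -m comment --comment "accept all outgoing traffic of the loopback device" -j ACCEPT
 -A OUTPUT -o eth0.30 -m comment --comment "accept all outgoing traffic of the eth0.30 device" -j ACCEPT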
