31 lines
1.4 KiB
Bash
Executable File
31 lines
1.4 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -eux
|
|
set -o pipefail
|
|
|
|
add-rule INPUT -m udp -p udp --dport 69 -j ACCEPT
|
|
add-rule INPUT -p tcp -m multiport --dports 8773,8774,8775 -j ACCEPT
|
|
add-rule INPUT -p tcp -m multiport --dports 5000,35357 -j ACCEPT
|
|
add-rule INPUT -p tcp --dport 8585 -j ACCEPT
|
|
add-rule INPUT -p tcp --dport 9696 -j ACCEPT
|
|
add-rule INPUT -p tcp -m multiport --dports 6080 -j ACCEPT
|
|
add-rule INPUT -p tcp -m multiport --dports 5900:5999 -j ACCEPT
|
|
add-rule INPUT -p tcp --dport 9292 -j ACCEPT
|
|
add-rule INPUT -p tcp --dport 9191 -j ACCEPT
|
|
add-rule INPUT -p tcp --dport 6385 -j ACCEPT
|
|
add-rule FORWARD -d 192.0.2.0/24 -j ACCEPT
|
|
add-rule FORWARD -d 192.168.122.0/24 -j ACCEPT
|
|
add-rule INPUT -p tcp --dport $(os-apply-config --key 'horizon.port' --type int --key-default 80) -j ACCEPT
|
|
add-rule INPUT -p tcp --dport 5672 -j ACCEPT
|
|
add-rule INPUT -p tcp -m multiport --dports 8000,8003,8004 -j ACCEPT
|
|
add-rule INPUT -p tcp -m multiport --dports 8080 -j ACCEPT
|
|
add-rule INPUT -p tcp -m multiport --dports 8779 -j ACCEPT
|
|
add-rule INPUT -p tcp --dport 8777 -j ACCEPT
|
|
|
|
|
|
EXTERNAL_BRIDGE=br-ctlplane
|
|
iptables -t nat -C PREROUTING -d 169.254.169.254/32 -i $EXTERNAL_BRIDGE -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8775 || iptables -t nat -I PREROUTING -d 169.254.169.254/32 -i $EXTERNAL_BRIDGE -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8775
|
|
|
|
# Save metadata redirect rule
|
|
iptables-save > /etc/sysconfig/iptables
|