HCoop
/
hcoop
/
zz_old
/
debian
/
hcoop-firewall-config.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(from parent 1:
26e5d7a
)
Open database ports for all nodes, at least for now.
author
Clinton Ebadi
<clinton@unknownlamer.org>
Sun, 16 Dec 2012 03:46:13 +0000
(22:46 -0500)
committer
Clinton Ebadi
<clinton@unknownlamer.org>
Sun, 16 Dec 2012 03:46:13 +0000
(22:46 -0500)
files/ferm.conf.hcoop
patch
|
blob
|
blame
|
history
diff --git
a/files/ferm.conf.hcoop
b/files/ferm.conf.hcoop
index
3a6b659
..
56da7a3
100644
(file)
--- a/
files/ferm.conf.hcoop
+++ b/
files/ferm.conf.hcoop
@@
-58,6
+58,11
@@
table filter {
# access. We'll leave that for the wheezy machines.
proto tcp dport smtp daddr mail.hcoop.net ACCEPT;
+ # At least for now, open ports to database servers. If dbtool
+ # adduser could also add firewall rules, that would be better.
+ proto (tcp udp) dport mysql daddr mysql.hcoop.net ACCEPT;
+ proto (tcp udp) dport (postgresql 5433) daddr postgres.hcoop.net ACCEPT;
+
# root needs port 80 for things like apt-get
mod owner uid-owner 0 { proto (tcp) dport (http https) ACCEPT; }