diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2021-04-01 23:11:00 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2021-04-01 23:11:00 +0200 |
| commit | 3af1307740441e285a0b802409950ca0d21b9c15 (patch) | |
| tree | 28eacf61b84a5e89e926b91ccac645b590e60c87 /inventory/host_vars/glt-gw-tug.yml | |
| parent | add host glt-stream (diff) | |
glt-gw-tug: allow ssh from LAN
Diffstat (limited to 'inventory/host_vars/glt-gw-tug.yml')
| -rw-r--r-- | inventory/host_vars/glt-gw-tug.yml | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/inventory/host_vars/glt-gw-tug.yml b/inventory/host_vars/glt-gw-tug.yml index 33ebb757..d1bbfa95 100644 --- a/inventory/host_vars/glt-gw-tug.yml +++ b/inventory/host_vars/glt-gw-tug.yml @@ -23,6 +23,7 @@ openwrt_packages_add: - iperf - iperf3 - mtr + - iptraf-ng openwrt_mixin: @@ -65,6 +66,7 @@ openwrt_mixin: iptables -A INPUT -i "$LAN_IF" -p tcp --dport 53 -d "$LAN_IP" -s "$LAN_IP/$LAN_MASK" -j ACCEPT iptables -A INPUT -i "$LAN_IF" -p icmp -d "$LAN_IP" -s "$LAN_IP/$LAN_MASK" -j ACCEPT + iptables -A INPUT -i "$LAN_IF" -p tcp --dport {{ ansible_port }} -d "$LAN_IP" -s "$LAN_IP/$LAN_MASK" -j ACCEPT iptables -A INPUT -i "$LAN_IF" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_IP/$LAN_MASK" -j ACCEPT |