-rw-r--r--inventory/host_vars/ch-router.yml3
1 files changed, 2 insertions, 1 deletions
diff --git a/inventory/host_vars/ch-router.yml b/inventory/host_vars/ch-router.yml
index 3a5f8e43..deaf0371 100644
--- a/inventory/host_vars/ch-router.yml
+++ b/inventory/host_vars/ch-router.yml
@@ -63,12 +63,13 @@ openwrt_mixin:
SVC_IPADDR=$(uci get "network.svc.ipaddr")
SVC_NETMASK=$(uci get "network.svc.netmask")
+ SSH_PORT=$(uci get dropbear.@dropbear[0].Port)
iptables -A INPUT -i lo -d 127.0.0.0/8 -s 127.0.0.0/8 -j ACCEPT
iptables -A INPUT -i "$MGMT_IF" -d "$MGMT_IPADDR" -s "$MGMT_IPADDR/$MGMT_NETMASK" -j ACCEPT
iptables -A INPUT -i "$MAGENTA_IF" -d "$MAGENTA_IPADDR" -p icmp -j ACCEPT
- iptables -A INPUT -i "$MAGENTA_IF" -d "$MAGENTA_IPADDR" -p tcp --dport 22000 -j ACCEPT
+ iptables -A INPUT -i "$MAGENTA_IF" -d "$MAGENTA_IPADDR" -p tcp --dport "$SSH_PORT" -j ACCEPT
iptables -A INPUT -i "$MAGENTA_IF" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -i "$SVC_IF" -p icmp -d "$SVC_IPADDR" -s "$SVC_IPADDR/$SVC_NETMASK" -j ACCEPT