makefu/stockholm
1
0
Fork 0
Code Issues Pull requests Actions 1 Packages Projects Releases Wiki Activity

l 2 base: redirect internet ssh port to 45621

Browse source
This commit is contained in:
lassulus 2016-04-12 15:11:31 +02:00
parent a1d80db7cc
commit be6bfb1736
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
lass/2configs/base.nix
View file

@ -173,6 +173,13 @@ with config.krebs.lib;
krebs.iptables = {
enable = true;
tables = {
nat.PREROUTING.rules = [
{ predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; }
{ predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; }
];
nat.OUTPUT.rules = [
{ predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; }
];
filter.INPUT.policy = "DROP";
filter.FORWARD.policy = "DROP";
filter.INPUT.rules = [