~mdw / firewall / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4942d7c) | patch
local.m4, etc.: Establish `inbound-untrusted' chain and deploy.
authorMark Wooding <mdw@distorted.org.uk>
Mon, 30 May 2022 21:15:24 +0000 (22:15 +0100)
committerMark Wooding <mdw@distorted.org.uk>
Mon, 30 May 2022 21:47:09 +0000 (22:47 +0100)
commit94ce6e764e92676c1a7dea68820bcf198ea4c466
tree5c62e4c235e096ce33e49566bc381e5f942b4463tree | snapshot (tar.gz zip)
parent4942d7c1381f147b6c1f06e035d710e29b45dae0commit | diff
local.m4, etc.: Establish `inbound-untrusted' chain and deploy.

Quite a lot of the per-host files involve allowing local untrusted
access to various services.  This was being done with explicit network
address ranges, which led to repetition of the rules for IPv4 and IPv6,
or only permitting access through IPv4.

Instead, introduce a new chain (actually promoted from `vampire.m4') for
these local untrusted clients and replace the explicit address ranges.
artist.m4 diff | blob | blame | history
fender.m4 diff | blob | blame | history
ibanez.m4 diff | blob | blame | history
jem.m4 diff | blob | blame | history
local.m4 diff | blob | blame | history
roadstar.m4 diff | blob | blame | history
vampire.m4 diff | blob | blame | history
Firewall scripts for distorted.org.uk.