Added comments to live_exam_os/config/boot_hooks/firewall

f68650d6 · Florent Gluck · 02a8557f · f68650d6 · f68650d6
Commit f68650d6 authored 8 months ago by Florent Gluck
--- a/live_exam_os/config/boot_hooks/firewall
+++ b/live_exam_os/config/boot_hooks/firewall
@@ -4,13 +4,20 @@

 firewall ()
 {
+    # Block all incoming and outgoing traffic
    ufw default deny incoming
    ufw default deny outgoing
+    # Allow outgoing http and https traffic
    ufw allow out from any to $1 port 80
    ufw allow out from any to $1 port 443
+    # Allow outgoing traffic to nexus-server API
    ufw allow out from any to $1 port $2
+    # Allow outgoing ntp traffic
+    # ufw allow out from any to any port 123 proto udp
+    # Allow outgoing traffic to nexus VMs (Spice)
    ufw allow out from any to $1 port 1025:65535 proto tcp
    ufw allow out from any to $1 port 1025:65535 proto udp
+
    ufw enable
 }

--- a/live_exam_os/config/packages.list.chroot
+++ b/live_exam_os/config/packages.list.chroot
@@ -11,4 +11,4 @@ virt-viewer
 firmware-iwlwifi
 network-manager
 network-manager-gnome
-brightnessctl
+#systemd-timesyncd