Skip to content
Snippets Groups Projects
Commit f68650d6 authored by Florent Gluck's avatar Florent Gluck
Browse files

Added comments to live_exam_os/config/boot_hooks/firewall

parent 02a8557f
Branches
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
live_exam_os/config/boot_hooks/firewall
+ 7
0
View file @ f68650d6
...@@ -4,13 +4,20 @@ ...@@ -4,13 +4,20 @@
firewall () firewall ()
{ {
# Block all incoming and outgoing traffic
ufw default deny incoming ufw default deny incoming
ufw default deny outgoing ufw default deny outgoing
# Allow outgoing http and https traffic
ufw allow out from any to $1 port 80 ufw allow out from any to $1 port 80
ufw allow out from any to $1 port 443 ufw allow out from any to $1 port 443
# Allow outgoing traffic to nexus-server API
ufw allow out from any to $1 port $2 ufw allow out from any to $1 port $2
# Allow outgoing ntp traffic
# ufw allow out from any to any port 123 proto udp
# Allow outgoing traffic to nexus VMs (Spice)
ufw allow out from any to $1 port 1025:65535 proto tcp ufw allow out from any to $1 port 1025:65535 proto tcp
ufw allow out from any to $1 port 1025:65535 proto udp ufw allow out from any to $1 port 1025:65535 proto udp
ufw enable ufw enable
} }
live_exam_os/config/packages.list.chroot
+ 1
1
View file @ f68650d6
...@@ -11,4 +11,4 @@ virt-viewer ...@@ -11,4 +11,4 @@ virt-viewer
firmware-iwlwifi firmware-iwlwifi
network-manager network-manager
network-manager-gnome network-manager-gnome
brightnessctl #systemd-timesyncd
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment