
Ajout des droits pour la VM des rennais (DNS)

merge-requests/2/merge
zaiken zaiken 4 years ago
committed by root
parent
commit
6fb7134be6
  1. 26
      re2o.conf
  2. 11
      zones/dmz.nft

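--- a/re2o.conf
+++ b/re2o.conf
@@ -0,0 +1,26 @@
+<VirtualHost *:80>
+ServerName re2o.rezometz.org
+ServerAlias lorrabelle.rez
+LogLevel warn
+ErrorLog ${APACHE_LOG_DIR}/re2o-error.log
+CustomLog ${APACHE_LOG_DIR}/re2o-access.log combined
+#<Directory />
+# AuthType Basic
+# AuthName "Password Required"
+# AuthUserFile /usr/local/password
+# Require valid-user
+# #Require all granted
+#</Directory>
+#Alias /static /var/www/re2o/static_files
+#Alias /media /var/www/re2o/media
+#WSGIScriptAlias / /var/www/re2o/re2o/wsgi.py
+#WSGIProcessGroup re2o
+#WSGIDaemonProcess re2o processes=2 threads=16 maximum-requests=1000 display-name=re2o
+#WSGIPassAuthorization On
+DocumentRoot /var/www/html
+</VirtualHost>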
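Review bot: The `<VirtualHost *:80>` block serves `re2o.rezometz.org` over plain HTTP only, with no redirect to HTTPS. If the commented-out `AuthType Basic` block or the WSGI application were enabled as written, passwords and session data would travel unencrypted. Whether a matching `*:443` vhost exists elsewhere is not visible on this page; if it does, this block could be reduced to `Redirect permanent / https://re2o.rezometz.org/`. Since every application directive is commented out and only `DocumentRoot /var/www/html` is live, a header comment such as `# Placeholder vhost: re2o WSGI app disabled, serves the default document root` would tell the next maintainer the state is intentional. The file also looks unrelated to the DNS firewall change named in the commit title, so it may belong in a separate commit.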

11
zones/dmz.nft

@ -101,12 +101,21 @@ table inet firewall {
elements = {193.48.225.203}
}
set dns_rennais {
type ipv4_addr
flags interval
elements = {193.48.225.205}
}
chain to_dmz {
ip saddr 10.7.0.0/16 accept
ip daddr @smtp tcp dport { 22, 25, 80 } accept
ip daddr @dns tcp dport { 22, 53 } accept
ip daddr @dns udp dport { 53 } accept
ip daddr @dns_rennais tcp dport { 22, 53 } accept
ip daddr @dns_rennais udp dport { 53 } accept
ip daddr @www tcp dport { 21, 22, 80, 443 } accept
ip daddr @federez tcp dport { 22, 53, 80, 443, 389 } accept
ip daddr @federez udp dport { 53, 636 } accept
@ -120,7 +129,7 @@ table inet firewall {
ip daddr @minecraft tcp dport { 22, 25565 } accept
ip daddr @minecraft udp dport { 22, 25565 } accept
ip daddr @latoilescoute udp dport { 22, 161 } accept
ip daddr @latoilescoute udp dport { 22, 161 } accept
ip daddr @latoilescoute tcp dport { 22 } accept
ip saddr @ldap_clients ip daddr @ldap tcp dport { 389, 636 } accept
ip saddr @ldap_clients ip daddr @ldap udp dport { 636 } accept
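Review bot: The new rule `ip daddr @dns_rennais tcp dport { 22, 53 } accept` in `to_dmz` has no `ip saddr` match, so it opens SSH on the Rennes DNS VM to every source that reaches this chain, although the commit title only mentions DNS. Consider splitting it into `ip daddr @dns_rennais tcp dport 53 accept` and `ip saddr @ADMIN_SET_PLACEHOLDER ip daddr @dns_rennais tcp dport 22 accept`, where the set name is a placeholder for whichever admin source set applies. This follows the source-restricted pattern already used by the `@ldap_clients` rules further down. The chain starts and ends outside the visible hunks, so an earlier rule or the calling chain may already limit who gets here; if so, a short comment above the rule saying that would be enough. Separately, the touched `@latoilescoute udp dport { 22, 161 }` line still lists port 22 under UDP, which SSH does not use, so it could be dropped there.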
