iankelling.org / git / automated-distro-installer / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
use latest btrfs-progs to match linux-libre
[automated-distro-installer] / wrt-disabled-firewall-rules
1 firewall rules, temporarily disabled until I get them working
2
3
4 # each port forward needs corresponding forward in the vpn server
5
6
7 #http/https
8
9
10
11 config redirect
12 option name bittorrent
13 option src vpn
14 option src_dport 63324
15 option dest_ip 192.168.1.2
16 option dest lan
17 # making the port open (not sure if this is actually needed)
18 config rule
19 option src vpn
20 option target ACCEPT
21 option dest_port 63324
22
23
24
25 config redirect
26 option name kdsyncthing
27 option src vpn
28 option src_dport 22000
29 option dest_ip 192.168.1.2
30 option dest lan
31 option proto tcp
32 config rule
33 option src vpn
34 option target ACCEPT
35 option dest_port 22000
36
37
38 config redirect
39 option name bithtpc
40 option src vpn
41 option src_dport 63325
42 option dest_ip 192.168.1.4
43 option dest lan
44 config rule
45 option src vpn
46 option target ACCEPT
47 option dest_port 63325
48
49
50
51 #### begin rules for nfs ####
52 # https://serverfault.com/questions/377170/which-ports-do-i-need-to-open-in-the-firewall-to-use-nfs
53 # https://wiki.debian.org/SecuringNFS
54 # I had no /etc/default/quota, or any process named quota anything,
55 # so, assumed that was unneeded. seems to work.
56 config redirect
57 option src wan
58 option src_dport 111
59 option dest_ip 192.168.1.2
60 option dest lan
61 config rule
62 option src wan
63 option target ACCEPT
64 option dest_port 111
65 config redirect
66 option src wan
67 option src_dport 2049
68 option dest_ip 192.168.1.2
69 option dest lan
70 config rule
71 option src wan
72 option target ACCEPT
73 option dest_port 2049
74 config redirect
75 option src wan
76 option src_dport 32764
77 option dest_ip 192.168.1.2
78 option dest lan
79 config rule
80 option src wan
81 option target ACCEPT
82 option dest_port 32764
83 config redirect
84 option src wan
85 option src_dport 32765
86 option dest_ip 192.168.1.2
87 option dest lan
88 config rule
89 option src wan
90 option target ACCEPT
91 option dest_port 32765
92 config redirect
93 option src wan
94 option src_dport 32766
95 option dest_ip 192.168.1.2
96 option dest lan
97 config rule
98 option src wan
99 option target ACCEPT
100 option dest_port 32766
101 config redirect
102 option src wan
103 option src_dport 32767
104 option dest_ip 192.168.1.2
105 option dest lan
106 config rule
107 option src wan
108 option target ACCEPT
109 option dest_port 32767
110 config redirect
111 option src wan
112 option src_dport 32768
113 option dest_ip 192.168.1.2
114 option dest lan
115 config rule
116 option src wan
117 option target ACCEPT
118 option dest_port 32768
119 #### end rules for nfs ####
120
121
122 config redirect
123 option name mariadb
124 option src wan
125 option src_dport 3306
126 option dest lan
127 option dest_ip 192.168.1.2
128 option proto tcp
129 config rule
130 option src wan
131 option target ACCEPT
132 option dest_port 3306
133 option proto tcp
134
135
PXE install w multi-boot, btrfs & Libreboot support