mirror of https://git.envs.net/envs/ops.git
firewall - exclude old jitsi
This commit is contained in:
parent
547bd827a8
commit
96ef333d27
|
@ -272,12 +272,10 @@ if [ "$1" = "start" ]; then
|
||||||
|
|
||||||
# jitsi
|
# jitsi
|
||||||
# => apache2 proxy (http/https)
|
# => apache2 proxy (http/https)
|
||||||
$IPT -w -t nat -A POSTROUTING -d 192.168.1.3 -s 192.168.1.19 -j SNAT --to 89.163.145.170
|
# $IPT -w -t nat -A PREROUTING -d 89.163.145.170 -p udp --dport 10000:20000 -j DNAT --to-destination 192.168.1.19 --sport 10000:20000
|
||||||
$IPT -w -t nat -A POSTROUTING ! -d 192.168.1.0/24 -s 192.168.1.19 -j SNAT --to 89.163.145.170
|
# $IPT -w -A FORWARD -p udp -d 192.168.1.19 --dport 10000:20000 -j ACCEPT
|
||||||
# $IPT -w -t nat -A PREROUTING -d 89.163.145.170 -p tcp --dport 4443 -j DNAT --to-destination 192.168.1.19:4443
|
# $IPT -w -t nat -A POSTROUTING -d 192.168.1.3 -s 192.168.1.19 -j SNAT --to 89.163.145.170
|
||||||
# $IPT -w -A FORWARD -p tcp -d 192.168.1.19 --dport 4443 -j ACCEPT
|
# $IPT -w -t nat -A POSTROUTING ! -d 192.168.1.0/24 -s 192.168.1.19 -j SNAT --to 89.163.145.170
|
||||||
$IPT -w -t nat -A PREROUTING -d 89.163.145.170 -p udp --dport 10000:20000 -j DNAT --to-destination 192.168.1.19 --sport 10000:20000
|
|
||||||
$IPT -w -A FORWARD -p udp -d 192.168.1.19 --dport 10000:20000 -j ACCEPT
|
|
||||||
|
|
||||||
|
|
||||||
# MASQUERADE.
|
# MASQUERADE.
|
||||||
|
|
Loading…
Reference in New Issue