diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2015-05-14 23:38:25 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2015-06-07 02:53:44 +0200 |
| commit | 9d3a5026bb8bfec54eedc9c6f4603d8073d08429 (patch) | |
| tree | ae8841cfb4aeafea7fa1153804e87b68808a2f65 /roles/common | |
| parent | b3f957f6809427bc1b78ecd0d5b23bb90294108d (diff) | |
Allow outgoing SSH traffic.
Diffstat (limited to 'roles/common')
| -rw-r--r-- | roles/common/templates/etc/iptables/services.j2 | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/roles/common/templates/etc/iptables/services.j2 b/roles/common/templates/etc/iptables/services.j2 index c628d50..1ff8778 100644 --- a/roles/common/templates/etc/iptables/services.j2 +++ b/roles/common/templates/etc/iptables/services.j2 @@ -1,30 +1,31 @@ # {{ ansible_managed }} # Do NOT edit this file directly! # # direction protocol destination port source port # (in|out|inout)[46]? (tcp|udp|..) (port|port:port|port,port) (port|port:port|port,port) out tcp 80,443 # HTTP/HTTPS out tcp 9418 # GIT out udp 53 # DNS out udp 67 # DHCP +out tcp 22 # SSH {% if 'NTP-master' in group_names %} in udp 123 # NTP out udp 123 # NTP {% else %} out udp 123 123 # NTP {% endif %} in tcp {{ ansible_ssh_port|default('22') }} # SSH {% if 'LDAP-provider' in group_names %} in tcp 636 # LDAPS {% elif 'MX' in group_names or 'lists' in group_names %} out tcp 636 # LDAPS {% endif %} {% if 'MX' in group_names %} in tcp 25 # SMTP {% if 'MDA' not in group_names %} out tcp {{ postfix_instance.IMAP.port }} {% endif %} {% if 'lists' not in group_names %} out tcp {{ postfix_instance.lists.port }} |