2019-06-23 00:35:32 +00:00
|
|
|
if platform_family?("rhel", "debian", "fedora", "amazon", "suse")
|
2020-08-13 16:18:42 +00:00
|
|
|
package "iptables"
|
|
|
|
|
|
|
|
if platform?("centos", "oracle")
|
|
|
|
package value_for_platform([ "centos", "oracle" ] => {"< 8" => "iptables-ipv6", ">= 8" => "iptables"})
|
|
|
|
end
|
|
|
|
|
2019-06-23 00:35:32 +00:00
|
|
|
# IPv4
|
2019-06-11 22:24:35 +00:00
|
|
|
execute "iptables -A INPUT -i eth0 -p tcp -m tcp "\
|
|
|
|
"--dport 80 -m state --state NEW -m comment "\
|
2016-02-09 16:10:23 +00:00
|
|
|
'--comment "http on 80" -j ACCEPT'
|
2019-06-11 22:24:35 +00:00
|
|
|
execute "iptables -N derby-cognos-web"
|
|
|
|
execute "iptables -A INPUT -j derby-cognos-web"
|
|
|
|
execute "iptables -A derby-cognos-web -p tcp -m tcp --dport 80 "\
|
2016-02-09 16:10:23 +00:00
|
|
|
'-m comment --comment "derby-cognos-web" -j ACCEPT'
|
2019-06-23 00:35:32 +00:00
|
|
|
# IPv6
|
|
|
|
execute "ip6tables -A INPUT -i eth0 -p tcp -m tcp "\
|
|
|
|
"--dport 80 -m state --state NEW -m comment "\
|
|
|
|
'--comment "http v6 on 80" -j ACCEPT'
|
|
|
|
execute "ip6tables -N derby-cognos-web-v6"
|
|
|
|
execute "ip6tables -A INPUT -j derby-cognos-web-v6"
|
|
|
|
execute "ip6tables -A derby-cognos-web-v6 -p tcp -m tcp --dport 80 "\
|
|
|
|
'-m comment --comment "derby-cognos-web-v6" -j ACCEPT'
|
2016-02-09 16:10:23 +00:00
|
|
|
end
|