added snmp and postgresql ports, organized tcp_ports set better

celso 2024-12-13 03:04:52 -03:00
parent 70349a41c9
commit 211b1c0ce1
2 changed files with 10 additions and 3 deletions


@ -11,6 +11,7 @@ define TERRARIA_PORT = 7777
define MAINPAGE_PORT = 3000 define MAINPAGE_PORT = 3000
define NEXTCLOUD_PORT = 3001 define NEXTCLOUD_PORT = 3001
define GITEA_PORT = 3002 define GITEA_PORT = 3002
define POSTGRESQL_PORT = 5432
# TCP and UDP services (needs to go in both sets) # TCP and UDP services (needs to go in both sets)
define DNS_PORT = 53 define DNS_PORT = 53
@ -22,3 +23,5 @@ define DHCP_OUT_PORT = 68
define OPENVPN_PORT = 1194 define OPENVPN_PORT = 1194
define FACTORIO_PORT = 34197 define FACTORIO_PORT = 34197
define CSTRIKE_PORT = 27015 define CSTRIKE_PORT = 27015
define SNMP_POLL_PORT = 161
define SNMP_TRAP_PORT = 162


@ -7,19 +7,23 @@ table ip filter {
set allowed_tcp_ports { set allowed_tcp_ports {
type inet_service; type inet_service;
flags constant; flags constant;
elements = { $SSH_PORT1, $SSH_PORT2, $DNS_PORT, $HTTP_PORT, $HTTPS_PORT, $SYNCPLAY_PORT, $TERRARIA_PORT, $OPENTTD_PORT, $MAINPAGE_PORT, $NEXTCLOUD_PORT, $GITEA_PORT }; elements = {
$SSH_PORT1, $SSH_PORT2, $DNS_PORT, $HTTP_PORT, $HTTPS_PORT, $SYNCPLAY_PORT,
$TERRARIA_PORT, $OPENTTD_PORT, $MAINPAGE_PORT, $NEXTCLOUD_PORT, $GITEA_PORT,
$POSTGRESQL_PORT
};
} }
set allowed_udp_ports_in { set allowed_udp_ports_in {
type inet_service; type inet_service;
flags constant; flags constant;
elements = { $DNS_PORT, $DHCP_IN_PORT, $OPENVPN_PORT, $FACTORIO_PORT, $OPENTTD_PORT, $CSTRIKE_PORT } elements = { $DNS_PORT, $DHCP_IN_PORT, $OPENVPN_PORT, $FACTORIO_PORT, $OPENTTD_PORT, $CSTRIKE_PORT, $SNMP_POLL_PORT, $SNMP_TRAP_PORT }
} }
set allowed_udp_ports_out { set allowed_udp_ports_out {
type inet_service; type inet_service;
flags constant; flags constant;
elements = { $DNS_PORT, $DHCP_OUT_PORT } elements = { $DNS_PORT, $DHCP_OUT_PORT, $SNMP_POLL_PORT }
} }
chain in { chain in {
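Review bot: `$POSTGRESQL_PORT` in `allowed_tcp_ports` and `$SNMP_POLL_PORT` in `allowed_udp_ports_in` put a database listener and an SNMP agent into the same allow sets as the public web and game ports, and no source restriction is visible in this hunk. The body of the `in` chain lies outside the hunk, so how the sets are matched is inferred; if they are matched on destination port alone, 5432 and 161 become reachable from every address the chain sees. I would keep both out of the shared sets and accept them per source in the chain instead, e.g. `ip saddr <trusted-subnet> tcp dport $POSTGRESQL_PORT accept` and the same form with `udp dport $SNMP_POLL_PORT` (`<trusted-subnet>` is a placeholder for the management network). The UDP set now accepts both polls (161) and traps (162) inbound; a host is usually either the agent or the manager, so it is worth confirming both are needed and adding a comment beside the elements saying which role this host has.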