changed firewall script and config.yaml, modified README
This commit is contained in:
parent
0df368d337
commit
0a3d45ac2c
|
@ -1,7 +1,8 @@
|
|||
My customization recipe for SystemRescue:
|
||||
===================================================
|
||||
## Dependencies
|
||||
squashfs-tools, xorriso (provided by dev-libs/libisoburn package in gentoo GNU/Linux - WARNING: requires zstd USE flag enabled) and
|
||||
squashfs-tools, xorriso (provided by dev-libs/libisoburn package in gentoo GNU/
|
||||
Linux - WARNING: requires zstd USE flag enabled) and
|
||||
[sysrescue-customize.sh](https://gitlab.com/systemrescue/systemrescue-sources/-/raw/main/airootfs/usr/share/sysrescue/bin/sysrescue-customize?inline=false)
|
||||
are required to apply these customizations
|
||||
|
||||
|
@ -16,8 +17,8 @@ This recipe adds the following to the custom ISO:
|
|||
- It adds a settings yaml file which overrides the default settings so the
|
||||
custom SystemRescue starts with my own preferences, such as a spanish
|
||||
keyboard, it copies the system into RAM (so the boot device can be removed),
|
||||
it adds a persistent storage volume (see: [persistent-storage](persistent-storage.md)
|
||||
for further instructions) and it automatically starts the graphical environment.
|
||||
and it adds a persistent storage volume (see:
|
||||
[persistent-storage](persistent-storage.md) for further instructions).
|
||||
|
||||
Please note the ".squashfs-pseudo" file is important to enforce correct
|
||||
permissions and ownership on the /root directory and its contents. You should
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
#!/bin/bash
|
||||
# Allow incoming and outgoing ssh
|
||||
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
|
||||
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
|
|
@ -0,0 +1,12 @@
|
|||
#!/bin/bash
|
||||
# Allow incoming and outgoing ssh, dns and dhcp
|
||||
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
|
||||
iptables -I OUTPUT -p tcp --dport 22 -j ACCEPT
|
||||
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
|
||||
iptables -I INPUT -p udp --dport 53 -j ACCEPT
|
||||
iptables -I INPUT -p tcp --dport 53 -j ACCEPT
|
||||
iptables -I INPUT -p udp --dport 68 -j ACCEPT
|
||||
iptables -I OUTPUT -p tcp --dport 22 -j ACCEPT
|
||||
iptables -I OUTPUT -p udp --dport 53 -j ACCEPT
|
||||
iptables -I OUTPUT -p tcp --dport 53 -j ACCEPT
|
||||
iptables -I OUTPUT -p udp --dport 67 -j ACCEPT
|
|
@ -2,7 +2,7 @@ global:
|
|||
copytoram: true
|
||||
checksum: false
|
||||
loadsrm: true
|
||||
dostartx: true
|
||||
dostartx: false
|
||||
nofirewall: false
|
||||
setkmap: es
|
||||
cow_label: "PERSISTENCE"
|
||||
|
@ -10,10 +10,9 @@ global:
|
|||
autorun:
|
||||
ar_nowait: true
|
||||
exec:
|
||||
open-ssh-port.sh:
|
||||
path: "/run/archiso/bootmnt/autorun/open-ssh-port.sh"
|
||||
set-firewall-rules:
|
||||
path: "/run/archiso/bootmnt/autorun/set-firewall-rules.sh"
|
||||
|
||||
sysconfig:
|
||||
bash_history:
|
||||
100: ""
|
||||
timezone: "America/Argentina/Buenos_Aires"
|
||||
|
|
Loading…
Reference in New Issue