changed firewall script and config.yaml, modified README

This commit is contained in:
celso 2023-10-23 21:09:38 -03:00
parent 0df368d337
commit 0a3d45ac2c
4 changed files with 19 additions and 11 deletions

View File

@ -1,7 +1,8 @@
My customization recipe for SystemRescue:
===================================================
## Dependencies
squashfs-tools, xorriso (provided by dev-libs/libisoburn package in gentoo GNU/Linux - WARNING: requires zstd USE flag enabled) and
squashfs-tools, xorriso (provided by dev-libs/libisoburn package in gentoo GNU/
Linux - WARNING: requires zstd USE flag enabled) and
[sysrescue-customize.sh](https://gitlab.com/systemrescue/systemrescue-sources/-/raw/main/airootfs/usr/share/sysrescue/bin/sysrescue-customize?inline=false)
are required to apply these customizations
@ -16,8 +17,8 @@ This recipe adds the following to the custom ISO:
- It adds a settings yaml file which overrides the default settings so the
custom SystemRescue starts with my own preferences, such as a spanish
keyboard, it copies the system into RAM (so the boot device can be removed),
it adds a persistent storage volume (see: [persistent-storage](persistent-storage.md)
for further instructions) and it automatically starts the graphical environment.
and it adds a persistent storage volume (see:
[persistent-storage](persistent-storage.md) for further instructions).
Please note the ".squashfs-pseudo" file is important to enforce correct
permissions and ownership on the /root directory and its contents. You should

View File

@ -1,4 +0,0 @@
#!/bin/bash
# Allow incoming and outgoing ssh
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT

View File

@ -0,0 +1,12 @@
#!/bin/bash
# Allow incoming and outgoing ssh, dns and dhcp
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
iptables -I OUTPUT -p tcp --dport 22 -j ACCEPT
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
iptables -I INPUT -p udp --dport 53 -j ACCEPT
iptables -I INPUT -p tcp --dport 53 -j ACCEPT
iptables -I INPUT -p udp --dport 68 -j ACCEPT
iptables -I OUTPUT -p tcp --dport 22 -j ACCEPT
iptables -I OUTPUT -p udp --dport 53 -j ACCEPT
iptables -I OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -I OUTPUT -p udp --dport 67 -j ACCEPT

View File

@ -2,7 +2,7 @@ global:
copytoram: true
checksum: false
loadsrm: true
dostartx: true
dostartx: false
nofirewall: false
setkmap: es
cow_label: "PERSISTENCE"
@ -10,10 +10,9 @@ global:
autorun:
ar_nowait: true
exec:
open-ssh-port.sh:
path: "/run/archiso/bootmnt/autorun/open-ssh-port.sh"
set-firewall-rules:
path: "/run/archiso/bootmnt/autorun/set-firewall-rules.sh"
sysconfig:
bash_history:
100: ""
timezone: "America/Argentina/Buenos_Aires"