changed firewall script and config.yaml, modified README
This commit is contained in:
parent
0df368d337
commit
0a3d45ac2c
|
@ -1,7 +1,8 @@
|
||||||
My customization recipe for SystemRescue:
|
My customization recipe for SystemRescue:
|
||||||
===================================================
|
===================================================
|
||||||
## Dependencies
|
## Dependencies
|
||||||
squashfs-tools, xorriso (provided by dev-libs/libisoburn package in gentoo GNU/Linux - WARNING: requires zstd USE flag enabled) and
|
squashfs-tools, xorriso (provided by dev-libs/libisoburn package in gentoo GNU/
|
||||||
|
Linux - WARNING: requires zstd USE flag enabled) and
|
||||||
[sysrescue-customize.sh](https://gitlab.com/systemrescue/systemrescue-sources/-/raw/main/airootfs/usr/share/sysrescue/bin/sysrescue-customize?inline=false)
|
[sysrescue-customize.sh](https://gitlab.com/systemrescue/systemrescue-sources/-/raw/main/airootfs/usr/share/sysrescue/bin/sysrescue-customize?inline=false)
|
||||||
are required to apply these customizations
|
are required to apply these customizations
|
||||||
|
|
||||||
|
@ -16,8 +17,8 @@ This recipe adds the following to the custom ISO:
|
||||||
- It adds a settings yaml file which overrides the default settings so the
|
- It adds a settings yaml file which overrides the default settings so the
|
||||||
custom SystemRescue starts with my own preferences, such as a spanish
|
custom SystemRescue starts with my own preferences, such as a spanish
|
||||||
keyboard, it copies the system into RAM (so the boot device can be removed),
|
keyboard, it copies the system into RAM (so the boot device can be removed),
|
||||||
it adds a persistent storage volume (see: [persistent-storage](persistent-storage.md)
|
and it adds a persistent storage volume (see:
|
||||||
for further instructions) and it automatically starts the graphical environment.
|
[persistent-storage](persistent-storage.md) for further instructions).
|
||||||
|
|
||||||
Please note the ".squashfs-pseudo" file is important to enforce correct
|
Please note the ".squashfs-pseudo" file is important to enforce correct
|
||||||
permissions and ownership on the /root directory and its contents. You should
|
permissions and ownership on the /root directory and its contents. You should
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
# Allow incoming and outgoing ssh
|
|
||||||
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
|
|
||||||
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# Allow incoming and outgoing ssh, dns and dhcp
|
||||||
|
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
|
||||||
|
iptables -I OUTPUT -p tcp --dport 22 -j ACCEPT
|
||||||
|
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
|
||||||
|
iptables -I INPUT -p udp --dport 53 -j ACCEPT
|
||||||
|
iptables -I INPUT -p tcp --dport 53 -j ACCEPT
|
||||||
|
iptables -I INPUT -p udp --dport 68 -j ACCEPT
|
||||||
|
iptables -I OUTPUT -p tcp --dport 22 -j ACCEPT
|
||||||
|
iptables -I OUTPUT -p udp --dport 53 -j ACCEPT
|
||||||
|
iptables -I OUTPUT -p tcp --dport 53 -j ACCEPT
|
||||||
|
iptables -I OUTPUT -p udp --dport 67 -j ACCEPT
|
|
@ -2,7 +2,7 @@ global:
|
||||||
copytoram: true
|
copytoram: true
|
||||||
checksum: false
|
checksum: false
|
||||||
loadsrm: true
|
loadsrm: true
|
||||||
dostartx: true
|
dostartx: false
|
||||||
nofirewall: false
|
nofirewall: false
|
||||||
setkmap: es
|
setkmap: es
|
||||||
cow_label: "PERSISTENCE"
|
cow_label: "PERSISTENCE"
|
||||||
|
@ -10,10 +10,9 @@ global:
|
||||||
autorun:
|
autorun:
|
||||||
ar_nowait: true
|
ar_nowait: true
|
||||||
exec:
|
exec:
|
||||||
open-ssh-port.sh:
|
set-firewall-rules:
|
||||||
path: "/run/archiso/bootmnt/autorun/open-ssh-port.sh"
|
path: "/run/archiso/bootmnt/autorun/set-firewall-rules.sh"
|
||||||
|
|
||||||
sysconfig:
|
sysconfig:
|
||||||
bash_history:
|
bash_history:
|
||||||
100: ""
|
100: ""
|
||||||
timezone: "America/Argentina/Buenos_Aires"
|
|
||||||
|
|
Loading…
Reference in New Issue