sheppy/athq-vm-management
1
0
Fork 0
mirror of https://github.com/FAUSheppy/athq-vm-management synced 2026-06-19 03:02:39 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: add postgres DNAT

Browse Source
This commit is contained in:
Johnathen Sheppard
2026-05-07 19:43:50 +00:00
parent 17cb059482
commit fb6a9c4b50
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
iptables/rules.v4
+10
View File
@@ -6,6 +6,12 @@
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT ! -s 159.69.136.222 -o eno1 -j REJECT --reject-with icmp-host-prohibited -A OUTPUT ! -s 159.69.136.222 -o eno1 -j REJECT --reject-with icmp-host-prohibited
-A INPUT -i eno1 -p tcp -m multiport --dports 5044,9200:9210,9300:9310 -j REJECT --reject-with icmp-host-prohibited -A INPUT -i eno1 -p tcp -m multiport --dports 5044,9200:9210,9300:9310 -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -d 192.168.122.110/32 -p tcp -m tcp --dport 5432 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.122.110/32 -p tcp -m tcp --sport 5432 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -d 192.168.122.110/32 -p tcp -m tcp --dport 5432 -m conntrack --ctstate NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.122.110/32 -p tcp -m tcp --sport 5432 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEP
COMMIT COMMIT
*nat *nat
@@ -15,4 +21,8 @@ COMMIT
-A POSTROUTING ! -o eno1 -p tcp -m multiport --dports 26000:27000 -d 192.168.122.102 -j SNAT --to-source 192.168.122.1 -A POSTROUTING ! -o eno1 -p tcp -m multiport --dports 26000:27000 -d 192.168.122.102 -j SNAT --to-source 192.168.122.1
-A POSTROUTING ! -o eno1 -p tcp -m multiport --dports 26000:27000 -d 192.168.122.102 -j SNAT --to-source 192.168.122.1 -A POSTROUTING ! -o eno1 -p tcp -m multiport --dports 26000:27000 -d 192.168.122.102 -j SNAT --to-source 192.168.122.1
-A PREROUTING -p tcp -m tcp --dport 5432 -j DNAT --to-destination 192.168.122.110:5432
-A PREROUTING -p tcp -m tcp --dport 5432 -j DNAT --to-destination 192.168.122.110:5432
COMMIT COMMIT