source: lvs/debian/config/etc/network/if-up.d/iptables @ 805

Last change on this file since 805 was 805, checked in by quentin, 14 years ago
Load balance port 444 in addition to port 443, and do a negotiate check on SSL so we verify the server is up
  • Property svn:executable set to *
File size: 996 bytes
Line 
1#!/bin/sh
2## Joe Presbrey <presbrey@mit.edu>
3## SIPB Scripts LVS Firewall marks
4
5iptables -F -t mangle
6
7# scripts.mit.edu
8iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.46/31 --dports 80,443,444 -j MARK --set-mark 2
9iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.46/31 -j MARK --set-mark 1
10
11# scripts-cert.mit.edu
12iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.50/31 --dports 80,443,444 -j MARK --set-mark 2
13iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.50/31 -j MARK --set-mark 1
14
15# webzephyr.mit.edu
16iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.49 --dports 80,443 -j MARK --set-mark 2
17iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.49 -j MARK --set-mark 1
18
19# hacks.mit.edu
20iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.33 --dports 80,443 -j MARK --set-mark 2
21iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.33 -j MARK --set-mark 1
Note: See TracBrowser for help on using the repository browser.