source: lvs/debian/config/etc/network/if-up.d/iptables @ 965

Last change on this file since 965 was 965, checked in by quentin, 15 years ago
Configure ldirectord and iptables for scripts-new
  • Property svn:executable set to *
File size: 1006 bytes
Line 
1#!/bin/sh
2## Joe Presbrey <presbrey@mit.edu>
3## SIPB Scripts LVS Firewall marks
4
5iptables -F -t mangle
6
7# scripts.mit.edu
8iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.46/31 --dports 80,443,444 -j MARK --set-mark 2
9iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.46/31 -j MARK --set-mark 1
10
11# scripts-new.mit.edu
12iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.43 --dports 80,443,444 -j MARK --set-mark 2
13iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.43 -j MARK --set-mark 1
14
15# scripts-cert.mit.edu
16iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.50/31 --dports 80,443,444 -j MARK --set-mark 2
17iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.50/31 -j MARK --set-mark 1
18
19# webzephyr.mit.edu
20iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.49 --dports 80,443 -j MARK --set-mark 2
21iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.49 -j MARK --set-mark 1
Note: See TracBrowser for help on using the repository browser.