Fix iptables for "postgres"
This commit is contained in:
parent
01acf8dfbc
commit
183d692c5c
|
@ -9,8 +9,8 @@ common__iptables__v4_filter: |
|
||||||
-A OUTPUT -p tcp --sport 5432 -d 10.133.8.214/32 -m conntrack --ctstate ESTABLISHED -j ACCEPT
|
-A OUTPUT -p tcp --sport 5432 -d 10.133.8.214/32 -m conntrack --ctstate ESTABLISHED -j ACCEPT
|
||||||
|
|
||||||
# Deny other PostgreSQL.
|
# Deny other PostgreSQL.
|
||||||
-A INPUT --dport 5432 -j REJECT
|
-A INPUT -p tcp --dport 5432 -j REJECT
|
||||||
-A OUTPUT --sport 5432 -j REJECT
|
-A OUTPUT -p tcp --sport 5432 -j REJECT
|
||||||
|
|
||||||
common__iptables__v6_filter: |
|
common__iptables__v6_filter: |
|
||||||
# Allow incoming PostgreSQL from specific hosts.
|
# Allow incoming PostgreSQL from specific hosts.
|
||||||
|
@ -18,8 +18,8 @@ common__iptables__v6_filter: |
|
||||||
-A OUTPUT -p tcp --sport 5432 -d 2a03:b0c0:2:f0::142:3001/128 -m conntrack --ctstate ESTABLISHED -j ACCEPT
|
-A OUTPUT -p tcp --sport 5432 -d 2a03:b0c0:2:f0::142:3001/128 -m conntrack --ctstate ESTABLISHED -j ACCEPT
|
||||||
|
|
||||||
# Deny other PostgreSQL.
|
# Deny other PostgreSQL.
|
||||||
-A INPUT --dport 5432 -j REJECT
|
-A INPUT -p tcp --dport 5432 -j REJECT
|
||||||
-A OUTPUT --sport 5432 -j REJECT
|
-A OUTPUT -p tcp --sport 5432 -j REJECT
|
||||||
|
|
||||||
postgresql_backups_dir: '/var/lib/postgresql/backups/12/main'
|
postgresql_backups_dir: '/var/lib/postgresql/backups/12/main'
|
||||||
|
|
||||||
|
|
Reference in New Issue