Add factorio
This commit is contained in:
Daniel Flanagan
parent
3e2311d4f6
commit
944fdb581b
2 changed files with 12 additions and 10 deletions
|
|
@ -32,6 +32,7 @@
|
|||
|
||||
10.0.0.210 greenroof.house
|
||||
|
||||
10.0.0.10 ranch-talk.h.lyte.dev
|
||||
10.0.0.210 ranch-talk.h.lyte.dev
|
||||
|
||||
10.0.0.244 ourcraft.lyte.dev
|
||||
10.0.0.244 factorio.lyte.dev
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ table inet filter {
|
|||
ip protocol icmp accept
|
||||
meta l4proto ipv6-icmp accept
|
||||
# do these need ipv6-specific entries, too?
|
||||
tcp dport { 51821, 22, 2200, 2221, 2222, 25565 } accept comment "globally allowed ipv6 ports"
|
||||
tcp dport { 51821, 22, 2201, 2221, 25565 } accept comment "globally allowed ipv6 ports"
|
||||
udp dport { 51821, 51820, 546, 53, 67 } accept comment "allow dhcpv6-client, dns, dhcp, and wireguard"
|
||||
udp dport { 60000-60009 } accept comment "allow mosh common ports"
|
||||
drop
|
||||
|
|
@ -43,18 +43,19 @@ table ip nat {
|
|||
iifname $LAN accept
|
||||
|
||||
# faceless
|
||||
# allow HTTP, HTTPS, gitea's SSH, and host ssh to faceless
|
||||
iifname $WAN tcp dport { 443, 80, 2222, 2200 } dnat to 10.0.0.210
|
||||
# allow HTTP, HTTPS, and ssh to faceless
|
||||
iifname $WAN tcp dport { 443, 80, 22 } dnat to 10.0.0.210
|
||||
# allow mosh
|
||||
iifname $WAN udp dport 60010-60019 dnat to 10.0.0.210
|
||||
|
||||
# allow host ssh
|
||||
iifname $WAN tcp dport { 2221, 5588, 5555 } dnat to 10.0.0.10
|
||||
# allow host ssh plus some stuff for the ranch talk
|
||||
iifname $WAN tcp dport { 2221, 5588, 5589 } dnat to 10.0.0.10
|
||||
# allow mosh
|
||||
iifname $WAN udp dport 60020-60029 dnat to 10.0.0.10
|
||||
|
||||
# ourcraft
|
||||
iifname $WAN tcp dport { 25565 } dnat to 10.0.0.244
|
||||
iifname $WAN tcp dport { 25565, 34197 } dnat to 10.0.0.244
|
||||
iifname $WAN udp dport { 25565, 34197 } dnat to 10.0.0.244
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -95,9 +96,9 @@ table ip6 io.systemd.nat {
|
|||
# icmpv6 accept
|
||||
# icmp accept
|
||||
meta l4proto ipv6-icmp accept
|
||||
tcp dport { 51821, 2200, 2221, 2222, 25565 } accept comment "globally allowed ipv6 ports"
|
||||
udp dport { 51821, 51820, 546, 53, 67 } accept comment "allow dhcpv6-client, dns, dhcp, and wireguard"
|
||||
udp dport { 60000-60009 } accept comment "allow mosh common ports"
|
||||
tcp dport { 51821, 22, 2201, 2221, 25565, 34197 } accept comment "globally allowed ipv6 ports"
|
||||
udp dport { 51821, 51820, 546, 53, 67, 25565, 34197 } accept comment "allow dhcpv6-client, dns, dhcp, and wireguard"
|
||||
# udp dport { 60000-60009 } accept comment "allow mosh common ports"
|
||||
drop
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue