Add factorio
This commit is contained in:
parent
3e2311d4f6
commit
944fdb581b
2 changed files with 12 additions and 10 deletions
|
@ -32,6 +32,7 @@
|
||||||
|
|
||||||
10.0.0.210 greenroof.house
|
10.0.0.210 greenroof.house
|
||||||
|
|
||||||
10.0.0.10 ranch-talk.h.lyte.dev
|
10.0.0.210 ranch-talk.h.lyte.dev
|
||||||
|
|
||||||
10.0.0.244 ourcraft.lyte.dev
|
10.0.0.244 ourcraft.lyte.dev
|
||||||
|
10.0.0.244 factorio.lyte.dev
|
||||||
|
|
|
@ -13,7 +13,7 @@ table inet filter {
|
||||||
ip protocol icmp accept
|
ip protocol icmp accept
|
||||||
meta l4proto ipv6-icmp accept
|
meta l4proto ipv6-icmp accept
|
||||||
# do these need ipv6-specific entries, too?
|
# do these need ipv6-specific entries, too?
|
||||||
tcp dport { 51821, 22, 2200, 2221, 2222, 25565 } accept comment "globally allowed ipv6 ports"
|
tcp dport { 51821, 22, 2201, 2221, 25565 } accept comment "globally allowed ipv6 ports"
|
||||||
udp dport { 51821, 51820, 546, 53, 67 } accept comment "allow dhcpv6-client, dns, dhcp, and wireguard"
|
udp dport { 51821, 51820, 546, 53, 67 } accept comment "allow dhcpv6-client, dns, dhcp, and wireguard"
|
||||||
udp dport { 60000-60009 } accept comment "allow mosh common ports"
|
udp dport { 60000-60009 } accept comment "allow mosh common ports"
|
||||||
drop
|
drop
|
||||||
|
@ -43,18 +43,19 @@ table ip nat {
|
||||||
iifname $LAN accept
|
iifname $LAN accept
|
||||||
|
|
||||||
# faceless
|
# faceless
|
||||||
# allow HTTP, HTTPS, gitea's SSH, and host ssh to faceless
|
# allow HTTP, HTTPS, and ssh to faceless
|
||||||
iifname $WAN tcp dport { 443, 80, 2222, 2200 } dnat to 10.0.0.210
|
iifname $WAN tcp dport { 443, 80, 22 } dnat to 10.0.0.210
|
||||||
# allow mosh
|
# allow mosh
|
||||||
iifname $WAN udp dport 60010-60019 dnat to 10.0.0.210
|
iifname $WAN udp dport 60010-60019 dnat to 10.0.0.210
|
||||||
|
|
||||||
# allow host ssh
|
# allow host ssh plus some stuff for the ranch talk
|
||||||
iifname $WAN tcp dport { 2221, 5588, 5555 } dnat to 10.0.0.10
|
iifname $WAN tcp dport { 2221, 5588, 5589 } dnat to 10.0.0.10
|
||||||
# allow mosh
|
# allow mosh
|
||||||
iifname $WAN udp dport 60020-60029 dnat to 10.0.0.10
|
iifname $WAN udp dport 60020-60029 dnat to 10.0.0.10
|
||||||
|
|
||||||
# ourcraft
|
# ourcraft
|
||||||
iifname $WAN tcp dport { 25565 } dnat to 10.0.0.244
|
iifname $WAN tcp dport { 25565, 34197 } dnat to 10.0.0.244
|
||||||
|
iifname $WAN udp dport { 25565, 34197 } dnat to 10.0.0.244
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -95,9 +96,9 @@ table ip6 io.systemd.nat {
|
||||||
# icmpv6 accept
|
# icmpv6 accept
|
||||||
# icmp accept
|
# icmp accept
|
||||||
meta l4proto ipv6-icmp accept
|
meta l4proto ipv6-icmp accept
|
||||||
tcp dport { 51821, 2200, 2221, 2222, 25565 } accept comment "globally allowed ipv6 ports"
|
tcp dport { 51821, 22, 2201, 2221, 25565, 34197 } accept comment "globally allowed ipv6 ports"
|
||||||
udp dport { 51821, 51820, 546, 53, 67 } accept comment "allow dhcpv6-client, dns, dhcp, and wireguard"
|
udp dport { 51821, 51820, 546, 53, 67, 25565, 34197 } accept comment "allow dhcpv6-client, dns, dhcp, and wireguard"
|
||||||
udp dport { 60000-60009 } accept comment "allow mosh common ports"
|
# udp dport { 60000-60009 } accept comment "allow mosh common ports"
|
||||||
drop
|
drop
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue