zyjibmcn · April 5, 2016 09:26
diff --git a/gistfile1.txt b/gistfile1.txt
 #!/bin/env bash

 # allow access to 80/443 for all
 iptables -I INPUT -p tcp --dport 80 -j ACCEPT
 iptables -I INPUT -p tcp --dport 443 -j ACCEPT

 # allow access to 9081/9444 for all (for adminCenter operations)
 iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 9081 -j ACCEPT
 iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 9444 -j ACCEPT

 # allow access to 9082/9445 9083/9446 for 9.12.19.* (httpd proxy to WLP)
 iptables -I INPUT -m state --state NEW -m tcp -p tcp --source 9.12.19.0/24 --dport 9082 -j ACCEPT
 iptables -I INPUT -m state --state NEW -m tcp -p tcp --source 9.12.19.0/24 --dport 9445 -j ACCEPT
 iptables -I INPUT -m state --state NEW -m tcp -p tcp --source 9.12.19.0/24 --dport 9083 -j ACCEPT
 iptables -I INPUT -m state --state NEW -m tcp -p tcp --source 9.12.19.0/24 --dport 9446 -j ACCEPT

 iptables-save
	#!/bin/env bash

	# allow access to 80/443 for all
	iptables -I INPUT -p tcp --dport 80 -j ACCEPT
	iptables -I INPUT -p tcp --dport 443 -j ACCEPT

	# allow access to 9081/9444 for all (for adminCenter operations)
	iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 9081 -j ACCEPT
	iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 9444 -j ACCEPT

	# allow access to 9082/9445 9083/9446 for 9.12.19.* (httpd proxy to WLP)
	iptables -I INPUT -m state --state NEW -m tcp -p tcp --source 9.12.19.0/24 --dport 9082 -j ACCEPT
	iptables -I INPUT -m state --state NEW -m tcp -p tcp --source 9.12.19.0/24 --dport 9445 -j ACCEPT
	iptables -I INPUT -m state --state NEW -m tcp -p tcp --source 9.12.19.0/24 --dport 9083 -j ACCEPT
	iptables -I INPUT -m state --state NEW -m tcp -p tcp --source 9.12.19.0/24 --dport 9446 -j ACCEPT

	iptables-save