dns/dns-ops
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nft's table inet is IPv4+IPv6 aware, no need for special IPv6 rule

Browse source
This commit is contained in:
pettai 2024-06-13 13:12:32 +02:00
parent ebbc77db04
commit c85bd24126
No known key found for this signature in database
GPG key ID: CDF2C381E9A751BD
1 changed files with 0 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
global/overlay/etc/puppet/modules/dns/manifests/apache2.pp
View file

@ -28,13 +28,7 @@ class dns::apache2 {
sunet::nftables::rule { 'apache-http': sunet::nftables::rule { 'apache-http':
rule => "add rule inet filter input tcp dport 80 counter accept comment \"allow-apache2-http\"" rule => "add rule inet filter input tcp dport 80 counter accept comment \"allow-apache2-http\""
} }
#sunet::nftables::rule { 'apache-http-v6':
# rule => "add rule inet6 filter input tcp dport 80 counter accept comment \"allow-apache2-http\""
#}
sunet::nftables::rule { 'apache-https': sunet::nftables::rule { 'apache-https':
rule => "add rule inet filter input tcp dport 443 counter accept comment \"allow-apache2-https\"" rule => "add rule inet filter input tcp dport 443 counter accept comment \"allow-apache2-https\""
} }
#sunet::nftables::rule { 'apache-https-v6':
# rule => "add rule inet6 filter input tcp dport 443 counter accept comment \"allow-apache2-https\""
#}
} }