Removed 80/443 port forwards.

This commit is contained in:
Joseph Hanson 2023-05-08 05:52:02 -05:00
parent e9627c9a6b
commit 297ca92860
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
3 changed files with 1 additions and 36 deletions

View file

@ -693,12 +693,7 @@ set firewall name wan-local rule 1 protocol 'udp'
set firewall name wan-servers default-action 'drop' set firewall name wan-servers default-action 'drop'
set firewall name wan-servers description 'From WAN to SERVERS' set firewall name wan-servers description 'From WAN to SERVERS'
set firewall name wan-servers enable-default-log set firewall name wan-servers enable-default-log
set firewall name wan-servers rule 1 action 'accept'
set firewall name wan-servers rule 1 description 'Rule: accept_ingress_from_cloudflare'
set firewall name wan-servers rule 1 destination group address-group 'k8s_ingress'
set firewall name wan-servers rule 1 destination port 'http,https'
set firewall name wan-servers rule 1 protocol 'tcp'
set firewall name wan-servers rule 1 source group network-group 'cloudflare-ipv4'
## Plex ## Plex
set firewall name wan-servers rule 10 action 'accept' set firewall name wan-servers rule 10 action 'accept'
set firewall name wan-servers rule 10 destination port 32400 set firewall name wan-servers rule 10 destination port 32400

View file

@ -122,21 +122,6 @@ set firewall group address-group wall_displays address '10.1.3.53'
set firewall group address-group wall_displays address '10.1.3.54' set firewall group address-group wall_displays address '10.1.3.54'
# Network groups # Network groups
set firewall group network-group cloudflare-ipv4 network '173.245.48.0/20'
set firewall group network-group cloudflare-ipv4 network '103.21.244.0/22'
set firewall group network-group cloudflare-ipv4 network '103.22.200.0/22'
set firewall group network-group cloudflare-ipv4 network '103.31.4.0/22'
set firewall group network-group cloudflare-ipv4 network '141.101.64.0/18'
set firewall group network-group cloudflare-ipv4 network '108.162.192.0/18'
set firewall group network-group cloudflare-ipv4 network '190.93.240.0/20'
set firewall group network-group cloudflare-ipv4 network '188.114.96.0/20'
set firewall group network-group cloudflare-ipv4 network '197.234.240.0/22'
set firewall group network-group cloudflare-ipv4 network '198.41.128.0/17'
set firewall group network-group cloudflare-ipv4 network '162.158.0.0/15'
set firewall group network-group cloudflare-ipv4 network '104.16.0.0/13'
set firewall group network-group cloudflare-ipv4 network '104.24.0.0/14'
set firewall group network-group cloudflare-ipv4 network '172.64.0.0/13'
set firewall group network-group cloudflare-ipv4 network '131.0.72.0/22'
set firewall group network-group k8s_services network '10.45.0.0/16' set firewall group network-group k8s_services network '10.45.0.0/16'

View file

@ -1,20 +1,5 @@
#!/bin/vbash #!/bin/vbash
# Forward HTTP(S) to ingress
set nat destination rule 100 description 'HTTPS'
set nat destination rule 100 destination port '443'
set nat destination rule 100 inbound-interface 'eth0'
set nat destination rule 100 protocol 'tcp'
set nat destination rule 100 translation address '10.45.0.1'
set nat destination rule 100 translation port '443'
set nat destination rule 101 description 'HTTP'
set nat destination rule 101 destination port '80'
set nat destination rule 101 inbound-interface 'eth0'
set nat destination rule 101 protocol 'tcp'
set nat destination rule 101 translation address '10.45.0.1'
set nat destination rule 101 translation port '80'
# Forward Plex to Sting # Forward Plex to Sting
set nat destination rule 110 description 'PLEX' set nat destination rule 110 description 'PLEX'
set nat destination rule 110 destination port '32400' set nat destination rule 110 destination port '32400'