Removed 80/443 port forwards.
This commit is contained in:
parent
e9627c9a6b
commit
297ca92860
3 changed files with 1 additions and 36 deletions
|
@ -693,12 +693,7 @@ set firewall name wan-local rule 1 protocol 'udp'
|
||||||
set firewall name wan-servers default-action 'drop'
|
set firewall name wan-servers default-action 'drop'
|
||||||
set firewall name wan-servers description 'From WAN to SERVERS'
|
set firewall name wan-servers description 'From WAN to SERVERS'
|
||||||
set firewall name wan-servers enable-default-log
|
set firewall name wan-servers enable-default-log
|
||||||
set firewall name wan-servers rule 1 action 'accept'
|
|
||||||
set firewall name wan-servers rule 1 description 'Rule: accept_ingress_from_cloudflare'
|
|
||||||
set firewall name wan-servers rule 1 destination group address-group 'k8s_ingress'
|
|
||||||
set firewall name wan-servers rule 1 destination port 'http,https'
|
|
||||||
set firewall name wan-servers rule 1 protocol 'tcp'
|
|
||||||
set firewall name wan-servers rule 1 source group network-group 'cloudflare-ipv4'
|
|
||||||
## Plex
|
## Plex
|
||||||
set firewall name wan-servers rule 10 action 'accept'
|
set firewall name wan-servers rule 10 action 'accept'
|
||||||
set firewall name wan-servers rule 10 destination port 32400
|
set firewall name wan-servers rule 10 destination port 32400
|
||||||
|
|
|
@ -122,21 +122,6 @@ set firewall group address-group wall_displays address '10.1.3.53'
|
||||||
set firewall group address-group wall_displays address '10.1.3.54'
|
set firewall group address-group wall_displays address '10.1.3.54'
|
||||||
|
|
||||||
# Network groups
|
# Network groups
|
||||||
set firewall group network-group cloudflare-ipv4 network '173.245.48.0/20'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '103.21.244.0/22'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '103.22.200.0/22'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '103.31.4.0/22'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '141.101.64.0/18'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '108.162.192.0/18'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '190.93.240.0/20'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '188.114.96.0/20'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '197.234.240.0/22'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '198.41.128.0/17'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '162.158.0.0/15'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '104.16.0.0/13'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '104.24.0.0/14'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '172.64.0.0/13'
|
|
||||||
set firewall group network-group cloudflare-ipv4 network '131.0.72.0/22'
|
|
||||||
|
|
||||||
set firewall group network-group k8s_services network '10.45.0.0/16'
|
set firewall group network-group k8s_services network '10.45.0.0/16'
|
||||||
|
|
||||||
|
|
|
@ -1,20 +1,5 @@
|
||||||
#!/bin/vbash
|
#!/bin/vbash
|
||||||
|
|
||||||
# Forward HTTP(S) to ingress
|
|
||||||
set nat destination rule 100 description 'HTTPS'
|
|
||||||
set nat destination rule 100 destination port '443'
|
|
||||||
set nat destination rule 100 inbound-interface 'eth0'
|
|
||||||
set nat destination rule 100 protocol 'tcp'
|
|
||||||
set nat destination rule 100 translation address '10.45.0.1'
|
|
||||||
set nat destination rule 100 translation port '443'
|
|
||||||
|
|
||||||
set nat destination rule 101 description 'HTTP'
|
|
||||||
set nat destination rule 101 destination port '80'
|
|
||||||
set nat destination rule 101 inbound-interface 'eth0'
|
|
||||||
set nat destination rule 101 protocol 'tcp'
|
|
||||||
set nat destination rule 101 translation address '10.45.0.1'
|
|
||||||
set nat destination rule 101 translation port '80'
|
|
||||||
|
|
||||||
# Forward Plex to Sting
|
# Forward Plex to Sting
|
||||||
set nat destination rule 110 description 'PLEX'
|
set nat destination rule 110 description 'PLEX'
|
||||||
set nat destination rule 110 destination port '32400'
|
set nat destination rule 110 destination port '32400'
|
||||||
|
|
Reference in a new issue