This commit is contained in:
wvr
2026-02-20 00:46:09 -06:00
parent ac931fc031
commit 9f42949d3d


@@ -20,8 +20,10 @@ iptables -P FORWARD DROP
# allow any tcp traffic on local lan
iptables -A OUTPUT -j ACCEPT -d $SUBNET.0/24 -p tcp -m state --state NEW,ESTABLISHED,RELATED
# only allow input on 443
# allow input both 443 and 80
# NOTE: need 80 as well for letsencrypt dont disable idiot
iptables -A INPUT -j ACCEPT -d $SUBNET.0/24 -p tcp --dport 443 -m state --state NEW,ESTABLISHED,RELATED
iptables -A INPUT -j ACCEPT -d $SUBNET.0/24 -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED
# ========================================================================
# dns to pihole
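Review bot: The new `--dport 80` ACCEPT rule admits NEW connections from any source, and the comment above it says only that Let's Encrypt needs the port, not what is allowed to answer there. If this is for HTTP-01 validation, the comment should state the constraint, e.g. `# 80 stays open for Let's Encrypt HTTP-01; listener must serve only /.well-known/acme-challenge/ and redirect everything else to 443`. The two INPUT rules differ only in the port, so they could be one rule using `-m multiport --dports 80,443`, and the expansion is safer quoted as `"$SUBNET.0/24"`. What actually listens on port 80 is not visible in this hunk, so that part needs confirming on the host.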