In onion only mode don't open ports
This commit is contained in:
parent
d087b3aaa4
commit
e7d02f6091
|
@ -3910,6 +3910,9 @@ function configure_firewall_for_voip {
|
|||
if grep -Fxq "configure_firewall_for_voip" $COMPLETION_FILE; then
|
||||
return
|
||||
fi
|
||||
if [[ $ONION_ONLY != "no" ]]; then
|
||||
return
|
||||
fi
|
||||
iptables -A INPUT -p udp --dport $VOIP_PORT -j ACCEPT
|
||||
iptables -A INPUT -p tcp --dport $VOIP_PORT -j ACCEPT
|
||||
save_firewall_settings
|
||||
|
@ -3923,6 +3926,9 @@ function configure_firewall_for_sip {
|
|||
if grep -Fxq "configure_firewall_for_sip" $COMPLETION_FILE; then
|
||||
return
|
||||
fi
|
||||
if [[ $ONION_ONLY != "no" ]]; then
|
||||
return
|
||||
fi
|
||||
iptables -A INPUT -p udp --dport $SIP_PORT -j ACCEPT
|
||||
iptables -A INPUT -p tcp --dport $SIP_PORT -j ACCEPT
|
||||
save_firewall_settings
|
||||
|
@ -3936,6 +3942,9 @@ function configure_firewall_for_ipfs {
|
|||
if grep -Fxq "configure_firewall_for_ipfs" $COMPLETION_FILE; then
|
||||
return
|
||||
fi
|
||||
if [[ $ONION_ONLY != "no" ]]; then
|
||||
return
|
||||
fi
|
||||
iptables -A INPUT -p tcp --dport $IPFS_PORT -j ACCEPT
|
||||
save_firewall_settings
|
||||
echo 'configure_firewall_for_ipfs' >> $COMPLETION_FILE
|
||||
|
@ -4049,6 +4058,9 @@ function configure_firewall_for_xmpp {
|
|||
# docker does its own firewalling
|
||||
return
|
||||
fi
|
||||
if [[ $ONION_ONLY != "no" ]]; then
|
||||
return
|
||||
fi
|
||||
iptables -A INPUT -p tcp --dport 5222:5223 -j ACCEPT
|
||||
iptables -A INPUT -p tcp --dport 5269 -j ACCEPT
|
||||
iptables -A INPUT -p tcp --dport 5280:5281 -j ACCEPT
|
||||
|
@ -4067,6 +4079,9 @@ function configure_firewall_for_irc {
|
|||
# docker does its own firewalling
|
||||
return
|
||||
fi
|
||||
if [[ $ONION_ONLY != "no" ]]; then
|
||||
return
|
||||
fi
|
||||
iptables -A INPUT -p tcp --dport $IRC_PORT -j ACCEPT
|
||||
iptables -I INPUT -p tcp --dport 1024:65535 --sport $IRC_PORT -j ACCEPT
|
||||
save_firewall_settings
|
||||
|
@ -4081,6 +4096,9 @@ function configure_firewall_for_ftp {
|
|||
# docker does its own firewalling
|
||||
return
|
||||
fi
|
||||
if [[ $ONION_ONLY != "no" ]]; then
|
||||
return
|
||||
fi
|
||||
iptables -I INPUT -p tcp --dport 1024:65535 --sport 20:21 -j ACCEPT
|
||||
save_firewall_settings
|
||||
echo 'configure_firewall_for_ftp' >> $COMPLETION_FILE
|
||||
|
@ -4094,6 +4112,9 @@ function configure_firewall_for_web_access {
|
|||
# docker does its own firewalling
|
||||
return
|
||||
fi
|
||||
if [[ $ONION_ONLY != "no" ]]; then
|
||||
return
|
||||
fi
|
||||
iptables -A INPUT -p tcp --dport 32768:61000 --sport 80 -j ACCEPT
|
||||
iptables -A INPUT -p tcp --dport 32768:61000 --sport 443 -j ACCEPT
|
||||
save_firewall_settings
|
||||
|
@ -4108,6 +4129,9 @@ function configure_firewall_for_web_server {
|
|||
# docker does its own firewalling
|
||||
return
|
||||
fi
|
||||
if [[ $ONION_ONLY != "no" ]]; then
|
||||
return
|
||||
fi
|
||||
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
|
||||
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
|
||||
save_firewall_settings
|
||||
|
@ -4122,6 +4146,9 @@ function configure_firewall_for_tox {
|
|||
# docker does its own firewalling
|
||||
return
|
||||
fi
|
||||
if [[ $ONION_ONLY != "no" ]]; then
|
||||
return
|
||||
fi
|
||||
iptables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT
|
||||
save_firewall_settings
|
||||
echo 'configure_firewall_for_tox' >> $COMPLETION_FILE
|
||||
|
@ -4149,6 +4176,9 @@ function configure_firewall_for_git {
|
|||
# docker does its own firewalling
|
||||
return
|
||||
fi
|
||||
if [[ $ONION_ONLY != "no" ]]; then
|
||||
return
|
||||
fi
|
||||
iptables -A INPUT -p tcp --dport 9418 -j ACCEPT
|
||||
save_firewall_settings
|
||||
echo 'configure_firewall_for_git' >> $COMPLETION_FILE
|
||||
|
@ -4165,6 +4195,9 @@ function configure_firewall_for_email {
|
|||
# docker does its own firewalling
|
||||
return
|
||||
fi
|
||||
if [[ $ONION_ONLY != "no" ]]; then
|
||||
return
|
||||
fi
|
||||
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
|
||||
iptables -A INPUT -p tcp --dport 587 -j ACCEPT
|
||||
iptables -A INPUT -p tcp --dport 465 -j ACCEPT
|
||||
|
|
Loading…
Reference in New Issue