add iptables mangle configuration for swarm

2022-08-31 11:33:50 +02:00 · 2022-08-31 11:33:50 +02:00 · 9de95d45d5
parent ed867e87e8
commit 9de95d45d5
2 changed files with 18 additions and 0 deletions
--- a/cloud-init/swarm-manager.yml
+++ b/cloud-init/swarm-manager.yml
@ -22,6 +22,15 @@ write_files:
    permissions: 0644
    owner: root:root
    content: |
+      *mangle
+      :PREROUTING ACCEPT [0:0]
+      :INPUT ACCEPT [0:0]
+      :FORWARD ACCEPT [0:0]
+      :OUTPUT ACCEPT [0:0]
+      :POSTROUTING ACCEPT [0:0]
+      -A PREROUTING -i eth0 -p tcp -m tcp --dport 2222 -j DROP
+      COMMIT
+
      *filter
      :INPUT DROP [0:0]
      :FORWARD DROP [0:0]
--- a/cloud-init/swarm-worker.yml
+++ b/cloud-init/swarm-worker.yml
@ -23,6 +23,15 @@ write_files:
    permissions: 0644
    owner: root:root
    content: |
+      *mangle
+      :PREROUTING ACCEPT [0:0]
+      :INPUT ACCEPT [0:0]
+      :FORWARD ACCEPT [0:0]
+      :OUTPUT ACCEPT [0:0]
+      :POSTROUTING ACCEPT [0:0]
+      -A PREROUTING -i eth0 -p tcp -m tcp --dport 2222 -j DROP
+      COMMIT
+
      *filter
      :INPUT DROP [0:0]
      :FORWARD DROP [0:0]