From 72c5498e64391c543a90b0750e4c9fc05bdbc04b Mon Sep 17 00:00:00 2001
From: root
Date: Thu, 18 Jan 2024 11:11:34 +0100
Subject: [PATCH] maj role fw
---
 roles/fw-ferm/files/ferm.conf.r-vp1 | 3 +--
 roles/fw-ferm/files/ferm.conf.r-vp2 | 2 +-
 wireguard/ping-sinfra.sh | 2 +-
 3 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/roles/fw-ferm/files/ferm.conf.r-vp1 b/roles/fw-ferm/files/ferm.conf.r-vp1
index 0474864..c9a4540 100644
--- a/roles/fw-ferm/files/ferm.conf.r-vp1
+++ b/roles/fw-ferm/files/ferm.conf.r-vp1
@@ -4,7 +4,6 @@
 @def $DEV_PRIVATE = enp0s8;
 @def $DEV_WORLD = enp0s9;
-@def $DEV_WORLD = enp0s9;
 @def $DEV_VPN= wg0;
 @def $NET_PRIVATE = 172.16.0.0/24;
@@ -32,7 +31,7 @@ table filter {
 # well-known internet hosts
 saddr ($NET_PRIVATE) proto tcp dport ssh ACCEPT;
- # we provide DNS and SMTP services for the internal net
+ # we provide DNS services for the internal net
 interface $DEV_PRIVATE saddr $NET_PRIVATE {
 proto (udp tcp) dport domain ACCEPT;
 proto udp dport bootps ACCEPT;
diff --git a/roles/fw-ferm/files/ferm.conf.r-vp2 b/roles/fw-ferm/files/ferm.conf.r-vp2
index db2b9a7..67f861a 100644
--- a/roles/fw-ferm/files/ferm.conf.r-vp2
+++ b/roles/fw-ferm/files/ferm.conf.r-vp2
@@ -29,7 +29,7 @@ table filter {
 # well-known internet hosts
 saddr ($NET_PRIVATE) proto tcp dport ssh ACCEPT;
- # we provide DNS and SMTP services for the internal net
+ # we provide DNS services for the internal net
 interface $DEV_PRIVATE saddr $NET_PRIVATE {
 proto (udp tcp) dport domain ACCEPT;
 proto udp dport bootps ACCEPT;
diff --git a/wireguard/ping-sinfra.sh b/wireguard/ping-sinfra.sh
index 31be267..67f6369 100644
--- a/wireguard/ping-sinfra.sh
+++ b/wireguard/ping-sinfra.sh
@@ -18,4 +18,4 @@ echo ping r-vp2 interface interface interne
 ping -c3 172.16.128.254
 echo ping s-agence
-ping -c3 172.16.128.11
+ping -c3 172.16.128.10
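Review bot: The reworded comment in the `@@ -32,7 +31,7 @@` hunk of ferm.conf.r-vp1 still under-describes the block it heads, because besides `dport domain` the block accepts `proto udp dport bootps` (DHCP) from `$NET_PRIVATE`. I would write `# we provide DNS and DHCP (bootps) services for the internal net` so the comment names every service the router exposes on `$DEV_PRIVATE`. The identical comment change in ferm.conf.r-vp2 (`@@ -29,7 +29,7 @@`) needs the same wording. The block's closing brace is outside both hunks, so any further rules in it should be checked against the comment as well. Separately, the context comment above still refers to "well-known internet hosts" while the visible `saddr ($NET_PRIVATE)` ssh rule lists only the private net and is not bound to `$DEV_PRIVATE`; it is worth confirming that comment is current and that source-address spoofing from `$DEV_WORLD` is filtered elsewhere in the file.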
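Review bot: The s-agence address on the last line of wireguard/ping-sinfra.sh is a bare literal that has to be kept in step by hand with the host's real address, which is presumably what this one-digit correction repairs. Define it once near the top of the script, e.g. `S_AGENCE=172.16.128.10`, and call `ping -c3 "$S_AGENCE"`, so the next renumbering is a single edit next to the other addresses. Only the tail of the script is visible in this hunk, so a variable block may already exist that this line could reuse.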