Remove unused rules.

89abc31e · Leigh B Stoller · f3f87811 · 89abc31e
Commit 89abc31e authored Jun 10, 2016 by Leigh B Stoller
Hide whitespace changes
Inline Side-by-side

Showing with 0 additions and 11 deletions

firewall/iptables-fw-dom0-rules firewall/iptables-fw-dom0-rules +0 -11

No files found.
--- a/firewall/iptables-fw-dom0-rules
+++ b/firewall/iptables-fw-dom0-rules
@@ -165,17 +165,6 @@ iptables -A INPUT -p tcp -d me -s EMULAB_VCNET --dport 16505 -m conntrack --ctst
 iptables -P INPUT DROP # BASIC,CLOSED,ELABINELAB
 iptables -P OUTPUT DROP # BASIC,CLOSED,ELABINELAB

-#
-# Block port 111 (rpcbind) from reaching the nodes. 
-#
-#iptables -A FORWARD -s 127.0.0.1/32 -p tcp -m physdev --physdev-in eth0 -m tcp --dport 111 -j ACCEPT # BASIC,CLOSED,ELABINELAB
-#iptables -A FORWARD -s EMULAB_VCNET -p tcp -m physdev --physdev-in eth0 -m tcp --dport 111 -j ACCEPT # BASIC,CLOSED,ELABINELAB
-#iptables -A FORWARD -s EMULAB_VCNET -p udp -m physdev --physdev-in eth0 -m udp --dport 111 -j ACCEPT # BASIC,CLOSED,ELABINELAB
-#iptables -A FORWARD -s EMULAB_CNET  -p tcp -m physdev --physdev-in eth0 -m tcp --dport 111 -j ACCEPT # BASIC,CLOSED,ELABINELAB
-#iptables -A FORWARD -s EMULAB_CNET  -p udp -m physdev --physdev-in eth0 -m udp --dport 111 -j ACCEPT # BASIC,CLOSED,ELABINELAB
-#iptables -A FORWARD -p tcp -m physdev --physdev-in eth0 -m tcp --dport 111 -j DROP # BASIC,CLOSED,ELABINELAB
-#iptables -A FORWARD -p udp -m physdev --physdev-in eth0 -m udp --dport 111 -j DROP # BASIC,CLOSED,ELABINELAB
-
 #
 # Drop some logging in for debugging.
 #