Commit 73e06873 authored by Leigh Stoller's avatar Leigh Stoller

Allow topd monitoring port into dom0.

parent 594a9d10
# #
# Copyright (c) 2005-2014 University of Utah and the Flux Group. # Copyright (c) 2005-2016 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -142,6 +142,11 @@ iptables -A OUTPUT -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT # BAS ...@@ -142,6 +142,11 @@ iptables -A OUTPUT -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT # BAS
iptables -A INPUT -p gre -m conntrack --ctstate NEW -j ACCEPT # BASIC,CLOSED iptables -A INPUT -p gre -m conntrack --ctstate NEW -j ACCEPT # BASIC,CLOSED
iptables -A OUTPUT -p gre -m conntrack --ctstate NEW -j ACCEPT # BASIC,CLOSED iptables -A OUTPUT -p gre -m conntrack --ctstate NEW -j ACCEPT # BASIC,CLOSED
#
# TOPD monitoring port.
#
iptables -A INPUT -p tcp -d me --dport 4097 -m conntrack --ctstate NEW -j ACCEPT # BASIC,CLOSED
# #
# Event Proxy. So we do not actually need this on XEN dom0, but we use these # Event Proxy. So we do not actually need this on XEN dom0, but we use these
# rules on openvz too (no prerouting rule). We might want to try restricting # rules on openvz too (no prerouting rule). We might want to try restricting
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment