moeny/kvm
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add ssh iptables rules

Browse Source
This commit is contained in:
moeny-matt 2025-02-19 16:46:37 -05:00
parent 124eaaf015
commit e23c2114f4
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
bolt_vm_automation/tasks/system_setup.sh
View File

@ -15,6 +15,16 @@ if [ -z "$IP" ] || [ -z "$HOSTNAME" ] || [ -z "$DHCP" ] || [ -z "$GATEWAY" ] ||
exit 1
fi
# Configure and install iptables-persistent
sudo DEBIAN_FRONTEND=noninteractive apt-get -y install iptables-persistent
# Restrict SSH access
sudo iptables -A INPUT -p tcp --dport 22 -s 100.40.223.128/26 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 22 -s 173.62.109.73/32 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 22 -j DROP
# Use netfilter-persistent to save rules instead of direct file writing
sudo netfilter-persistent save
# Create the new netplan configuration
sudo tee /etc/cloud/cloud.cfg.d/90-installer-network.cfg << EOL
network: