...
| Bloc de code |
|---|
allow to 0/0 to udp/53 # DNS request allow to 0/0 to udp/123 # Network Time Protocol allow to 157.159.0.0/16 to tcp/22 # SSH vers le réseau de l'établissement \# \# Récupération de package allow to 0/0 to tcp/21 # FTP allow from 0/0 from tcp/20 # FTP-data allow fromto 0/0 fromto tcp/20 80 # FTP-dataHTTP YUM allow to 0/0 to tcp/80 # HTTP YUM11371 # PGP-keys # # Portail allow to 0/0157.159.10.29/32 to tcp/11371 # PGP-keys \# \# Portail443 # Accès https au CAS de l'établissement allow to 157.159.10.2976/32 to tcp/443 # CAS request to cas.it-sudparis.eu3306 # Requêtes mysql vers un serveur central (pas nécessaire a priori) allow to 157.159.100.760/3216 to tcp/3306 # mysql request to mysql1 allow to389 # LDAP (tcp/636 pour du LDAPS) allow to 157.159.0.0/16 to tcp/389 25 # LDAPSMTP allow to 157.159.0./0/16 to tcp/25 # SMTP8443 # HTTPS tomcat pour shibboleth allow to 0/0 to tcp/8443 # 443 # HTTPS pour shibboleth allow to 0/0 to tcp/443 # shibboleth445 # CIFS stockage allow to 0/0 to tcp/445 137 # CIFS stockage allow to 0/0 to tcp/137 138 # CIFS stockage allow to 0/0 to tcp/138 139 # CIFS stockage allow to 0/0157.159.10.88/32 to tcp/139 # CIFS stockage allow to 157.159.10.88/32 to tcp/143 # Accès 143 # Accès au serveur de boites aux lettres pour Canal IMAP |
...
| Bloc de code |
|---|
allow from 0/0 to tcp/80 # HTTP allow from 157.159.0.0/16 to tcp/8080 # HTTP tomcat allow from 0/0 to tcp/443 # HTTPS allow from 0/0 to tcp/8443 to tcp/8443 # HTTPS tomcat allow from 0/0 to tcp/22 # Local SSH allow from 0/0 to udp/161 # SNMP |
2/ Installation système de base
...