Commit ef6a148b by ChongmingDu

firewall mod

parent 560c560d
#!/bin/bash
#setting firewall configure
systemctl start firewalld.service && systemctl enable firewalld.service
firewall-cmd --permanent --add-port=19221/tcp
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="172.16.233.0/20" port protocol="tcp" port="1-65535" accept"
firewall-cmd --permanent --add-port=9527/tcp
firewall-cmd --reload
firewall-cmd --list-all
\ No newline at end of file
...@@ -7,6 +7,14 @@ ...@@ -7,6 +7,14 @@
- name: "Initialization OS" - name: "Initialization OS"
shell: /bin/bash /tmp/init.sh shell: /bin/bash /tmp/init.sh
- name: "firewall shell"
copy:
src: firewall.sh
dest: /tmp/firewall.sh
- name: "run firewall"
shell: /bin/bash /tmp/firewall.sh
- name: "add logrotate file mongo" - name: "add logrotate file mongo"
copy: copy:
src: mongo src: mongo
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment