| | 79 | |
| | 80 | Las reglas que se han añadido han sido las siguientes: |
| | 81 | |
| | 82 | {{{#!bash |
| | 83 | iptables -A INPUT -p tcp --dport 2049 -j ACCEPT # Puerto para NFS |
| | 84 | iptables -A INPUT -p udp --dport 2049 -j ACCEPT # UDP para NFS |
| | 85 | iptables -A INPUT -p udp --dport 111 -j ACCEPT # UDP para rpcbind |
| | 86 | iptables -A INPUT -p tcp --dport 20048 -j ACCEPT # Mountd |
| | 87 | iptables -A INPUT -p udp --dport 20048 -j ACCEPT # Mountd |
| | 88 | iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited |
| | 89 | }}} |
| | 90 | |
| | 91 | Al final se tiene lo siguiente: |
| | 92 | |
| | 93 | {{{#!bash |
| | 94 | Chain INPUT (policy ACCEPT) |
| | 95 | target prot opt source destination |
| | 96 | ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED |
| | 97 | ACCEPT icmp -- anywhere anywhere |
| | 98 | ACCEPT all -- anywhere anywhere |
| | 99 | ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh |
| | 100 | ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:nrpe |
| | 101 | ACCEPT udp -- anywhere anywhere udp dpt:tftp |
| | 102 | ACCEPT tcp -- anywhere anywhere tcp dpt:tftp |
| | 103 | ACCEPT tcp -- anywhere anywhere tcp dpt:nfs |
| | 104 | ACCEPT udp -- anywhere anywhere udp dpt:nfs |
| | 105 | ACCEPT tcp -- anywhere anywhere tcp dpt:sunrpc |
| | 106 | ACCEPT udp -- anywhere anywhere udp dpt:sunrpc |
| | 107 | ACCEPT tcp -- anywhere anywhere tcp dpt:mountd |
| | 108 | ACCEPT udp -- anywhere anywhere udp dpt:mountd |
| | 109 | ACCEPT tcp -- anywhere anywhere tcp dpt:npp |
| | 110 | REJECT all -- anywhere anywhere reject-with icmp-host-prohibited |
| | 111 | |
| | 112 | Chain FORWARD (policy ACCEPT) |
| | 113 | target prot opt source destination |
| | 114 | REJECT all -- anywhere anywhere reject-with icmp-host-prohibited |
| | 115 | |
| | 116 | Chain OUTPUT (policy ACCEPT) |
| | 117 | target prot opt source destination |
| | 118 | |
| | 119 | Chain DOCKER-USER (0 references) |
| | 120 | target prot opt source destination |
| | 121 | }}} |
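Review bot: the five ACCEPT rules added for NFS (2049), rpcbind (111) and mountd (20048) carry no source match, and the resulting listing confirms that they accept from "anywhere", so the NFS export and the portmapper are reachable from every host that can route to this server. Restrict each rule to the NFS clients with -s, for example `iptables -A INPUT -s <client-subnet> -p tcp --dport 2049 -j ACCEPT`, where `<client-subnet>` is a placeholder for the network that actually mounts the export. Two smaller points for the documentation: the added rules open only UDP 111, while the listing shows both tcp and udp dpt:sunrpc, so the page should say where the TCP rule comes from or list it with the others. And because -A appends to the end of the chain, these rules only take effect if no REJECT already precedes them. The listing shows a single REJECT in last position, so if an earlier REJECT was deleted before running these commands, that step belongs on the page (or use `iptables -I INPUT <n>` to insert ahead of it).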