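#!/bin/sh
#
# Usage: secgroup-adaptation SECGROUP
#
# Adds a set of relatively default ingress rules to the nova security group
# SECGROUP. The same add_rule syntax can be used to open ports for munin or
# other things.
#
# Exposure note: every client-facing rule uses the source range 0/0, so the
# port is reachable from any address. Review the list before applying it to
# a group and drop the services a node does not actually run.
#
# Environment:
#   BACKEND_CIDR  source range for the node-to-node ports (stunnel to couchdb,
#                 bigcouch replication). Defaults to 0/0, which is what this
#                 script has always used; set it to the range your nodes
#                 live in to keep those ports off the public internet.
#
# Exit status: 0 if every rule was added, 1 if any nova call failed,
#              2 on a usage error, 127 if the nova client is not installed.

SECGROUP=${1:-}
BACKEND_CIDR=${BACKEND_CIDR:-0/0}

# Refuse an empty name, and one starting with "-" that the nova client
# would otherwise parse as an option instead of a group name.
case $SECGROUP in
  '' | -*)
    printf 'Usage: %s SECGROUP\n' "${0##*/}" >&2
    exit 2
    ;;
esac

if ! command -v nova >/dev/null 2>&1; then
  printf '%s: nova client not found in PATH\n' "${0##*/}" >&2
  exit 127
fi

failures=0

# add_rule PROTOCOL FROM_PORT TO_PORT CIDR
# Adds one rule and keeps going on failure (for example when the rule already
# exists), so a re-run still attempts the whole list; failures are counted and
# reported through the exit status at the end.
add_rule() {
  if ! nova secgroup-add-rule "$SECGROUP" "$1" "$2" "$3" "$4"; then
    printf 'failed to add rule: %s %s:%s from %s\n' "$1" "$2" "$3" "$4" >&2
    failures=$((failures + 1))
  fi
}

# where do we start? SSH?
# NOTE(review): 4422 looks like an alternate SSH port - confirm. With both
# open to 0/0, key-only authentication on sshd is the control that matters.
add_rule tcp 22 22 0/0
add_rule tcp 4422 4422 0/0

# web is so common
add_rule tcp 80 80 0/0
add_rule tcp 443 443 0/0
# client needs 4430 for api communication, at least for webapp
add_rule tcp 4430 4430 0/0

# ping. People like Ping, the story about Ping
# -1 -1 means all ICMP types and codes, not just echo request.
add_rule ICMP -1 -1 0/0

# Ping doesn't like Onions, but we do!
# (9001/tcp is the default Tor ORPort.)
add_rule tcp 9001 9001 0/0

# There's also this story about Alice, who gets into a rabbit hole
# (1194/udp is the default OpenVPN port.)
add_rule UDP 1194 1194 0/0

# stunnel to couchdb nodes
# Presumably only other nodes need to reach this; access then depends on the
# stunnel peer verification unless BACKEND_CIDR narrows the source range.
add_rule tcp 15984 15984 "$BACKEND_CIDR"

# bigcouch replication stuff
# Same consideration as the couchdb stunnel port above.
add_rule tcp 14369 14369 "$BACKEND_CIDR"
add_rule tcp 19002 19002 "$BACKEND_CIDR"

# soledad
add_rule tcp 2323 2323 0/0

# It probably makes sense to have a bunch of these open for mosh
add_rule UDP 60000 60020 0/0

# mail
add_rule tcp 25 25 0/0
add_rule tcp 465 465 0/0
add_rule tcp 587 587 0/0

# That's it for now
if [ "$failures" -ne 0 ]; then
  printf '%s: %s rule(s) could not be added to %s\n' \
    "${0##*/}" "$failures" "$SECGROUP" >&2
  exit 1
fi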