summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDan Radez <dradez@redhat.com>2016-08-12 11:00:03 -0400
committerDan Radez <dradez@redhat.com>2016-08-12 11:00:03 -0400
commit117b9035e519315d3c67bb53db44fc83103ba23d (patch)
treef22e775cd171c1694a6309ea0e08c14720c86acc
parent7bc81629e67d747cc362056669070f856494fe01 (diff)
adding DNS to ports to block in mock-detach
Change-Id: Ic1be571650a301384b91981f3c2a362fa50c7414 Signed-off-by: Dan Radez <dradez@redhat.com>
-rwxr-xr-xci/util.sh10
1 files changed, 8 insertions, 2 deletions
diff --git a/ci/util.sh b/ci/util.sh
index 6681ff56..bcb3a3a7 100755
--- a/ci/util.sh
+++ b/ci/util.sh
@@ -91,13 +91,19 @@ parse_cmdline() {
;;
mock-detached)
if [ "$2" == "on" ]; then
- echo "Blocking output http and https traffic"
+ echo "Blocking output http (80) traffic"
iptables -A OUTPUT -p tcp --dport 80 -j REJECT
+ echo "Blocking output https (443) traffic"
iptables -A OUTPUT -p tcp --dport 443 -j REJECT
+ echo "Blocking output dns (53) traffic"
+ iptables -A OUTPUT -p tcp --dport 53 -j REJECT
elif [ "$2" == "off" ]; then
- echo "Allowing output http and https traffic"
+ echo "Allowing output http (80) traffic"
iptables -D OUTPUT -p tcp --dport 80 -j REJECT
+ echo "Allowing output https (443) traffic"
iptables -D OUTPUT -p tcp --dport 443 -j REJECT
+ echo "Allowing output dns (53) traffic"
+ iptables -D OUTPUT -p tcp --dport 53 -j REJECT
else
display_usage
fi