summaryrefslogtreecommitdiffstats
path: root/ci
diff options
context:
space:
mode:
authorDan Radez <dradez@redhat.com>2016-08-16 11:05:46 +0000
committerGerrit Code Review <gerrit@172.30.200.206>2016-08-16 11:05:47 +0000
commit90df047e112c18d3fbda0603c76ac014cf3d7ddd (patch)
treeba0038ca803b54ea93321e810cdbf667706a3991 /ci
parent9d3da892c206a8faf93a530e2e619dc8329562e3 (diff)
parent117b9035e519315d3c67bb53db44fc83103ba23d (diff)
Merge "adding DNS to ports to block in mock-detach"
Diffstat (limited to 'ci')
-rwxr-xr-xci/util.sh10
1 files changed, 8 insertions, 2 deletions
diff --git a/ci/util.sh b/ci/util.sh
index 6681ff56..bcb3a3a7 100755
--- a/ci/util.sh
+++ b/ci/util.sh
@@ -91,13 +91,19 @@ parse_cmdline() {
;;
mock-detached)
if [ "$2" == "on" ]; then
- echo "Blocking output http and https traffic"
+ echo "Blocking output http (80) traffic"
iptables -A OUTPUT -p tcp --dport 80 -j REJECT
+ echo "Blocking output https (443) traffic"
iptables -A OUTPUT -p tcp --dport 443 -j REJECT
+ echo "Blocking output dns (53) traffic"
+ iptables -A OUTPUT -p tcp --dport 53 -j REJECT
elif [ "$2" == "off" ]; then
- echo "Allowing output http and https traffic"
+ echo "Allowing output http (80) traffic"
iptables -D OUTPUT -p tcp --dport 80 -j REJECT
+ echo "Allowing output https (443) traffic"
iptables -D OUTPUT -p tcp --dport 443 -j REJECT
+ echo "Allowing output dns (53) traffic"
+ iptables -D OUTPUT -p tcp --dport 53 -j REJECT
else
display_usage
fi