diff options
author | Dan Radez <dradez@redhat.com> | 2016-08-16 11:05:46 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@172.30.200.206> | 2016-08-16 11:05:47 +0000 |
commit | 90df047e112c18d3fbda0603c76ac014cf3d7ddd (patch) | |
tree | ba0038ca803b54ea93321e810cdbf667706a3991 /ci | |
parent | 9d3da892c206a8faf93a530e2e619dc8329562e3 (diff) | |
parent | 117b9035e519315d3c67bb53db44fc83103ba23d (diff) |
Merge "adding DNS to ports to block in mock-detach"
Diffstat (limited to 'ci')
-rwxr-xr-x | ci/util.sh | 10 |
1 files changed, 8 insertions, 2 deletions
@@ -91,13 +91,19 @@ parse_cmdline() { ;; mock-detached) if [ "$2" == "on" ]; then - echo "Blocking output http and https traffic" + echo "Blocking output http (80) traffic" iptables -A OUTPUT -p tcp --dport 80 -j REJECT + echo "Blocking output https (443) traffic" iptables -A OUTPUT -p tcp --dport 443 -j REJECT + echo "Blocking output dns (53) traffic" + iptables -A OUTPUT -p tcp --dport 53 -j REJECT elif [ "$2" == "off" ]; then - echo "Allowing output http and https traffic" + echo "Allowing output http (80) traffic" iptables -D OUTPUT -p tcp --dport 80 -j REJECT + echo "Allowing output https (443) traffic" iptables -D OUTPUT -p tcp --dport 443 -j REJECT + echo "Allowing output dns (53) traffic" + iptables -D OUTPUT -p tcp --dport 53 -j REJECT else display_usage fi |