Stricter inter-server communications and no more docker rules

iptables-setup.sh

@@ -8,7 +8,8 @@ iptables -I INPUT -p tcp --tcp-flags ALL NONE -j DROP				# Block null packets
 iptables -I INPUT -p tcp ! --syn -m state --state NEW -j DROP			# Block syn floods
 
 # Cross-server free networking
-iptables -A INPUT -i ens10 -j ACCEPT
+iptables -A INPUT -m multiport -p tcp --dports 7946,2377 -i ens10 -j ACCEPT
+iptables -A INPUT -m multiport -p udp --dports 7946,4789 -i ens10 -j ACCEPT
 
 # Allow forwarding of existing connections
 iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
@@ -17,13 +18,6 @@ iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A INPUT -p tcp -m multiport --dports 22,80,443,2200,2422,2442,25565,51413,51820 -j ACCEPT
 iptables -A INPUT -p udp -m multiport --dports 443,2200,25565,51820 -j ACCEPT
 
-# Docker Rules (not required with rules above)
-#iptables -A INPUT -p tcp --dport 7946 -j ACCEPT
-#iptables -A INPUT -p udp --dport 7946 -j ACCEPT
-#iptables -A INPUT -p tcp --dport 2377 -j ACCEPT
-#iptables -A INPUT -p udp --dport 4789 -j ACCEPT
-#iptables -A INPUT -p ESP -j ACCEPT						# IPSEC for Docker
-
 # Special Rules
 iptables -I INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT		# Keep existing connections open
 iptables -I INPUT 1 -i lo -j ACCEPT						# Loopback connections