From ee47266a811e77e4b688f8834fc6c72b4a70c5d6 Mon Sep 17 00:00:00 2001
From: Brent Bloxam
Date: Tue, 20 Mar 2012 13:04:58 -0400
Subject: Added missing table for SSH, fixed allowable SSH address to be proper RFC1918 Class C
(cherry picked from commit e7fb96776d0e18670fdfb61025295e27b1dc772b)
---
 doc/server/plugins/generators/tgenshi/iptables.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'doc')
diff --git a/doc/server/plugins/generators/tgenshi/iptables.txt b/doc/server/plugins/generators/tgenshi/iptables.txt
index 2655e7b2d..3e49470d7 100644
--- a/doc/server/plugins/generators/tgenshi/iptables.txt
+++ b/doc/server/plugins/generators/tgenshi/iptables.txt
@@ -64,6 +64,7 @@ iptables
 :FORWARD DROP [0:0]
 :OUTPUT ACCEPT [0:0]
 :NO-SMTP - [0:0]
+ :SSH - [0:0]
 #Default rules
 #discard malicious packets
@@ -84,7 +85,7 @@ iptables
 # Allow SSH Access
 -A INPUT -p tcp -m state --state NEW -m tcp --tcp-flags FIN,SYN,RST,ACK SYN --dport 22 -j SSH
- -A SSH -s 192.0.0.0/255.0.0.0 -j ACCEPT
+ -A SSH -s 192.168.0.0/255.255.0.0 -j ACCEPT
 # Allow Ganglia Access
 -A INPUT -m state --state NEW -m tcp -p tcp --tcp-flags FIN,SYN,RST,ACK SYN --src 192.168.1.1 --dport 8649 -j ACCEPT
-- 
cgit v1.2.3-1-g7c22
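Review bot: The new `-A SSH -s 192.168.0.0/255.255.0.0 -j ACCEPT` line in the second hunk admits SSH from the whole 192.168.0.0/16 block, whereas the subject calls it a Class C, which would be a 255.255.255.0 mask. Since this is a documentation example that readers are likely to copy, I would add a comment directly above the rule, for instance `# Example only: narrow -s to your own management subnet rather than all of 192.168.0.0/16`. The SSH chain also has no terminal rule, so sources that do not match return to INPUT and are dropped only if the INPUT policy or a later rule does so. The INPUT policy line is not visible in either hunk, so that is worth confirming and stating in a comment next to the new `:SSH - [0:0]` declaration. The template body starts and ends outside both hunks.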