72e99501a1
- allow UDP 51820 for WireGuard - remove 10.253.0.0/16 from allowed IPs in WireGuard site configs
38 lines
904 B
YAML
38 lines
904 B
YAML
firewall_rules:
|
|
- name: allow-web-inbound
|
|
enabled: true
|
|
vpc_name: dev-vpc-1
|
|
source_ranges: ["0.0.0.0/0"]
|
|
egress_ranges: ["10.0.0.0/16"]
|
|
allow:
|
|
- protocol: tcp
|
|
ports: ["80", "443"]
|
|
|
|
- name: dev-vpc-1-default-inbound
|
|
enabled: true
|
|
vpc_name: dev-vpc-1
|
|
description: Allow ICMP, SSH, and VXLAN from all sources
|
|
source_ranges: ["0.0.0.0/0"]
|
|
allow:
|
|
- protocol: icmp
|
|
- protocol: tcp
|
|
ports: ["22"]
|
|
- protocol: udp
|
|
ports: ["4789"]
|
|
- protocol: udp
|
|
ports: ["51820"]
|
|
|
|
- name: dev-vpc-2-default-inbound
|
|
enabled: true
|
|
vpc_name: dev-vpc-2
|
|
description: Allow ICMP, SSH, and VXLAN from all sources
|
|
source_ranges: ["0.0.0.0/0"]
|
|
allow:
|
|
- protocol: icmp
|
|
- protocol: tcp
|
|
ports: ["22"]
|
|
- protocol: udp
|
|
ports: ["4789"]
|
|
- protocol: udp
|
|
ports: ["51820"]
|