Last change on this file since 1200 was 1200, checked in by quentin, 16 years ago

HTTP-based list of scripts servers on http://scripts.mit.edu:78/

- Property svn:executable set to *

File size: 1.3 KB

```sh
#!/bin/sh
## Joe Presbrey <presbrey@mit.edu>
## Quentin Smith <quentin@mit.edu>
## SIPB Scripts LVS Firewall marks

iptables -F -t mangle

# Create a chain for regular scripts hosts
iptables -t mangle -N scripts 2>/dev/null || :

# scripts-vhosts.mit.edu
iptables -A PREROUTING -t mangle -d 18.181.0.46 -j scripts
# scripts.mit.edu
iptables -A PREROUTING -t mangle -d 18.181.0.43 -j scripts
# scripts-cert.mit.edu
iptables -A PREROUTING -t mangle -d 18.181.0.50 -j scripts

# Send Apache-bound traffic to FWM 2 (load-balanced)
iptables -A scripts -t mangle -m tcp -m multiport -p tcp --dports 80,443,444 -j MARK --set-mark 2
# Send SMTP-bound traffic to FWM 3 (load-balanced)
iptables -A scripts -t mangle -m tcp -p tcp --dport 25 -j MARK --set-mark 3
# Send finger-bound traffic to FWM 255 (the LVS director itself)
iptables -A scripts -t mangle -m tcp -p tcp --dport 78:79 -j MARK --set-mark 255
# Send everything else to FWM 1 (primary)
iptables -A scripts -t mangle -m mark --mark 0 -j MARK --set-mark 1

# webzephyr.mit.edu is special because its SMTP needs to always go to the primary (FWM 1)
iptables -A PREROUTING -t mangle -m tcp -m multiport -p tcp -d 18.181.0.49 --dports 80,443,444 -j MARK --set-mark 2
iptables -A PREROUTING -t mangle -m mark --mark 0 -d 18.181.0.49 -j MARK --set-mark 1
```