foo.sh/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

pf: Open node_exporter to allow proxying

Browse source
This commit is contained in:
Timo Makinen 2025-08-02 18:24:34 +00:00
parent 1a408365ab
commit f8dba6d387
1 changed files with 4 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

6
roles/pf/templates/pf.conf.gw_dna.j2
View file

@ -46,8 +46,7 @@ pass in quick on $ext_if proto tcp from 37.16.96.144/28 to self port ssh
pass in quick on $ext_if proto tcp from {{ gw_home_ip }}/32 to self port ssh
pass in quick on $ext_if proto tcp from {{ gw_lan_ip }}/32 to self port ssh
# node_exporter and unbound_exporter from internal network
pass in quick on $int_if proto tcp from $int_net to self port 9100
# unbound_exporter from internal network
pass in quick on $int_if proto tcp from $int_net to self port 9167
# allow dhcpd failover
@ -69,6 +68,9 @@ pass in quick on $int_if proto udp from $int_net to self port ntp
pass in quick proto tcp from any to self port http
pass in quick proto tcp from any to self port https
# allow node exporter from outside (to proxy clients)
pass in quick proto tcp from $int_net to self port 9100
# block rest of packets coming to me
block in quick from any to self