There’s no doubt I was stuck on this one due to my inability to read the docs carefully.
Whilst deploying an app via git using capistrano, I was continuously stuck after upgrading my gems. The reason? I wasn’t using bundle install…
Do this to upgrade your local and remote applications:
bundle update
bundle install
git add .
git commit -a -m “Some updates….”
git push origin master
cap <<stage>> deploy
{ 0 comments }
Create new file in /etc/iptables.test
* filter
:INPUT DROP [1:48]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [129:20352]# Allows all loopback (lo0) traffic and drop all traffic to 127/8 that doesn’t
-A INPUT -i lo -j ACCEPT#Accept SSH connections
#-A INPUT -p tcp -m state –state NEW –dport 22 -j ACCEPT
-A INPUT -s 1.2.3.4/32 -p tcp -m tcp –dport 22 -j ACCEPT
-A INPUT -s 2.3.4.5 -p tcp -m tcp –dport 22 -j ACCEPT#Accept Established connections
-A INPUT -m state –state RELATED,ESTABLISH -j ACCEPT#Accept HTTP connections
-A INPUT -p tcp -m tcp –dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp –dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp –dport 8080 -j ACCEPT#Accept MySQL requests
-A INPUT -s 1.2.3.4/32 -p tcp -m tcp –dport 3306 -j ACCEPT
-A INPUT -s 2.3.4.5/32 -p tcp -m tcp –dport 3306 -j ACCEPT#Accept all radius requests
-A INPUT -p udp -m udp –dport 1812 -j ACCEPT
-A INPUT -p udp -m udp –dport 1813 -j ACCEPT#Accept all PING requests on ICMP
-A INPUT -p icmp -j ACCEPT# Reject all other inbound – default deny unless explicitly allowed policy
-A INPUT -j REJECT
-A FORWARD -j REJECTCOMMIT
Test your commands work:
iptables-restore < /etc/iptables.test
Make sure you can login from another terminal session.
Save out rules:
iptables-save > /etc/iptables.rules
Add to network interface start up script:
auto lo
iface lo inet loopback
pre-up iptables-restore < /etc/iptables.rules
Reboot your server….
{ 0 comments }