Allow to check ssh on lime2 when using NATted address

2025-03-25 10:22:56 +01:00 · 2025-03-25 10:22:56 +01:00 · c7a48b74c6
commit c7a48b74c6
parent 342dcdf016
1 changed files with 1 additions and 0 deletions
--- a/roles/icinga2_master/templates/nftables/output.d/icinga2.conf.j2
+++ b/roles/icinga2_master/templates/nftables/output.d/icinga2.conf.j2
@ -2,3 +2,4 @@

 ip daddr {{ hostvars[icinga2_agent].ipv4_addr }} tcp dport 5665 accept comment "Allow Icinga2 to Agent"
 ip daddr {{ hostvars[relayhost].ipv4_addr }} tcp dport { 22, 25, 465, 587, 993 } accept comment "Allow some ports to check mailserver"
+ip daddr {{ ipv4_addr }} tcp dport 22 accept comment "Allow some ports to check myself"