adding DNS to ports to block in mock-detach 71/18571/1
authorDan Radez <dradez@redhat.com>
Fri, 12 Aug 2016 15:00:03 +0000 (11:00 -0400)
committerDan Radez <dradez@redhat.com>
Fri, 12 Aug 2016 15:00:03 +0000 (11:00 -0400)
Change-Id: Ic1be571650a301384b91981f3c2a362fa50c7414
Signed-off-by: Dan Radez <dradez@redhat.com>
ci/util.sh

index 6681ff5..bcb3a3a 100755 (executable)
@@ -91,13 +91,19 @@ parse_cmdline() {
             ;;
         mock-detached)
                 if [ "$2" == "on" ]; then
-                    echo "Blocking output http and https traffic"
+                    echo "Blocking output http (80) traffic"
                     iptables -A OUTPUT -p tcp --dport 80 -j REJECT
+                    echo "Blocking output https (443) traffic"
                     iptables -A OUTPUT -p tcp --dport 443 -j REJECT
+                    echo "Blocking output dns (53) traffic"
+                    iptables -A OUTPUT -p tcp --dport 53 -j REJECT
                 elif [ "$2" == "off" ]; then
-                    echo "Allowing output http and https traffic"
+                    echo "Allowing output http (80) traffic"
                     iptables -D OUTPUT -p tcp --dport 80 -j REJECT
+                    echo "Allowing output https (443) traffic"
                     iptables -D OUTPUT -p tcp --dport 443 -j REJECT
+                    echo "Allowing output dns (53) traffic"
+                    iptables -D OUTPUT -p tcp --dport 53 -j REJECT
                 else
                     display_usage
                 fi
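Review bot: The new DNS rules on the `--dport 53` lines match only `-p tcp`, but ordinary DNS lookups use UDP port 53 and fall back to TCP only for truncated or large responses, so name resolution will most likely keep working while mock-detached is "on". Add a UDP rule next to the TCP one in both branches: `iptables -A OUTPUT -p udp --dport 53 -j REJECT` under "on" and the matching `iptables -D OUTPUT -p udp --dport 53 -j REJECT` under "off". Also, `-A` appends a duplicate rule each time "on" is run and `-D` removes only one copy, so a single "off" after a repeated "on" leaves the block in place; guarding each append with `iptables -C OUTPUT ... || iptables -A OUTPUT ...` would keep the toggle symmetric. These rules cover IPv4 only, so if the host has IPv6 connectivity the same ports stay reachable unless `ip6tables` gets equivalent rules. The body of parse_cmdline continues outside the hunk.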