IpTables
IpTables is used to restrict network access to the machines. The physical homelab machines do not run any special IpTables rules because they are already behind my router.

| Machine | SSH | Others |
|---|---|---|
| headscale | Tailscale | 80, 443, 50443 |
| jlpatl | Tailscale | N/A |
| jlpgreencloud | Allowed | 80, 443 |
| jlpks8888 | Tailscale | N/A |

"Tailscale" in the SSH column means that the rule blocking SSH comes after the rule allowing Tailscale traffic, so SSH is reachable only over the Tailscale interface.
```
# Allow all traffic over the tailscale interface
-A INPUT -i tailscale0 -j ACCEPT
# Block all SSH traffic
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j DROP
```
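
Why the order of these two rules matters, as an added example that is not part of the original page: a small first-match evaluator for `-A INPUT` rules, run against the page's order and against the reversed order. The `verdict` helper, the public interface name `eth0` and the `POLICY` fallback label are assumptions made for illustration; the parser understands only `-i`, `-p`, `--dport` and `-j`, and models a new TCP connection.

```shell
#!/bin/sh
# Added example: iptables walks a chain top to bottom and stops at the first
# rule whose matches all apply, so the ACCEPT on tailscale0 must precede the DROP.

# verdict RULES IFACE DPORT
# Prints the target of the first -A INPUT rule matching a NEW TCP packet that
# arrives on IFACE for DPORT, or POLICY if no rule matches (chain policy applies).
verdict() {
    printf '%s\n' "$1" | awk -v iface="$2" -v dport="$3" '
        $1 == "-A" && $2 == "INPUT" {
            in_if = ""; proto = ""; port = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-i") in_if = $(i + 1)
                else if ($i == "-p") proto = $(i + 1)
                else if ($i == "--dport") port = $(i + 1)
                else if ($i == "-j") target = $(i + 1)
            }
            # A rule is skipped as soon as one of its matches fails.
            if (in_if != "" && in_if != iface) next
            if (proto != "" && proto != "tcp") next
            if (port != "" && port != dport) next
            if (target == "ACCEPT" || target == "DROP" || target == "REJECT") {
                print target; found = 1; exit
            }
        }
        END { if (!found) print "POLICY" }
    '
}

# The two rules exactly as listed on the page.
PAGE_ORDER='# Allow all traffic over the tailscale interface
-A INPUT -i tailscale0 -j ACCEPT
# Block all SSH traffic
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j DROP'

# Constructed counter-example: same rules, DROP listed first.
REVERSED='-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j DROP
-A INPUT -i tailscale0 -j ACCEPT'

echo "page order, tailscale0:22 -> $(verdict "$PAGE_ORDER" tailscale0 22)"
echo "page order, eth0:22       -> $(verdict "$PAGE_ORDER" eth0 22)"
echo "reversed,   tailscale0:22 -> $(verdict "$REVERSED" tailscale0 22)"
```

With the rules reversed, SSH over Tailscale is dropped as well, because the DROP rule has no interface match and is reached first.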