Changes
→added note about allowing HN access to everyone, not just local SEGMENT
;;
esac
</pre>
Note: This allows access to the HN only from the hosts/networks defined in SEGMENT. If you'd like to open up the OKPORTS on the HN to everybody, you can remove the ''-s $SEGMENT'' parameters from the iptables commands under the "Firewall: Allowing access to HN" section. Without the source match, the rules accept connections to those ports from any address. The modified lines would look like this:
<pre>
iptables -I INPUT -j ACCEPT -d $THISHOST --protocol tcp --destination-port $port
iptables -I INPUT -j ACCEPT -d $THISHOST --protocol udp --destination-port $port
</pre>
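To check which ports actually ended up open to any source after this change, the added example below (not part of the original page) parses <code>iptables -S INPUT</code> output and lists ACCEPT rules that carry no ''-s'' match. The helper name <code>open_hn_ports</code> and the sample rules are constructed for illustration.

```shell
# Constructed sample in `iptables -S INPUT` format (addresses are made up).
SAMPLE_RULES='-P INPUT DROP
-A INPUT -s 192.168.0.0/24 -d 192.168.0.10/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -d 192.168.0.10/32 -p udp -m udp --dport 22 -j ACCEPT
-A INPUT -d 192.168.0.10/32 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -d 192.168.0.10/32 -p udp -m udp --dport 80 -j ACCEPT'

# open_hn_ports (hypothetical helper): reads rule lines on stdin and prints
# "proto/port" for every INPUT ACCEPT rule that matches a destination port
# but has no source match (or an explicit 0.0.0.0/0).
open_hn_ports() {
    set -f                                  # no globbing while word-splitting rules
    while read -r line; do
        case "$line" in
            "-A INPUT "*"-j ACCEPT"*) ;;    # ACCEPT rules in INPUT (-S prints every rule as -A)
            *) continue ;;
        esac
        src="" proto="" port="" prev=""
        for tok in $line; do
            case "$prev" in
                -s)      src=$tok ;;
                -p)      proto=$tok ;;
                --dport) port=$tok ;;
            esac
            prev=$tok
        done
        [ -n "$port" ] || continue          # rule is not port-specific
        case "$src" in
            ""|0.0.0.0/0) echo "$proto/$port" ;;
        esac
    done
    set +f
}

# On the HN:   iptables -S INPUT | open_hn_ports
# Offline:     printf '%s\n' "$SAMPLE_RULES" | open_hn_ports
```

Any port printed here is reachable from every source address, so the list should match exactly the OKPORTS you intended to open to everybody.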