minifirewall: Make outgoing SSH in IPv6 works

This commit is contained in:
Ludovic Poujol 2017-12-15 14:49:21 +01:00
parent bfb8a6cee8
commit b90260ae28

View file

@ -77,7 +77,8 @@ NTPOK='0.0.0.0/0'
# Example: allow SSH from Trusted IPv6 addresses
/sbin/ip6tables -A INPUT -i $INT -p tcp --dport 22 -s 2a01:9500:37:129::/64 -j ACCEPT
# Example: allow input HTTP/HTTPS/SMTP/DNS traffic
# Example: allow outgoing SSH/HTTP/HTTPS/SMTP/DNS traffic
/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 22 --match state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 80 --match state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 443 --match state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 25 --match state --state ESTABLISHED,RELATED -j ACCEPT