We have to accepted output ICMP and IGMP since we drop output traffic by default
This commit is contained in:
parent
ba865faf0a
commit
36634a705f
|
@ -381,6 +381,11 @@ fi
|
||||||
|
|
||||||
$NFT add rule inet minifirewall minifirewall_output ct state established,related accept
|
$NFT add rule inet minifirewall minifirewall_output ct state established,related accept
|
||||||
|
|
||||||
|
# ICMP and IGMP traffic is accepted
|
||||||
|
$NFT add rule inet minifirewall minifirewall_output ip protocol icmp accept
|
||||||
|
$NFT add rule inet minifirewall minifirewall_output meta l4proto ipv6-icmp accept
|
||||||
|
$NFT add rule inet minifirewall minifirewall_output ip protocol igmp accept
|
||||||
|
|
||||||
trap - INT TERM EXIT
|
trap - INT TERM EXIT
|
||||||
|
|
||||||
echo "...starting NFTables rules is now finish : OK"
|
echo "...starting NFTables rules is now finish : OK"
|
||||||
|
|
Loading…
Reference in a new issue