evolix/minifirewall
21
0
Fork 0
Code Issues 4 Pull requests 3 Releases 1 Activity

Delete drop rules for output since it is the default policy now

Browse source
This commit is contained in:
Tristan PILAT 2020-11-18 17:47:54 +01:00
parent 550af6e21f
commit 520b8893f0
1 changed files with 0 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
minifirewall-start.sh
View file

@ -329,10 +329,7 @@ then
fi
fi
## Eventually, we drop the output traffic
$NFT add rule inet minifirewall minifirewall_output ct state established,related accept
$NFT add rule inet minifirewall minifirewall_output meta l4proto udp drop
$NFT add rule inet minifirewall minifirewall_output meta l4proto tcp drop
trap - INT TERM EXIT