From ec14ee9f3e9888b69e8ece75746135c78bb83cda Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Beno=C3=AEt=20S=C3=89RIE?= Date: Fri, 9 Nov 2012 10:05:34 +0100 Subject: [PATCH] Last committer removed the IPv4 UDP rules?! Re-adding. --- firewall.rc | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/firewall.rc b/firewall.rc index ebda242..d81866e 100644 --- a/firewall.rc +++ b/firewall.rc @@ -82,11 +82,15 @@ NTPOK='0.0.0.0/0' /sbin/ip6tables -A INPUT -i $INT -p tcp --sport 443 --match state --state ESTABLISHED,RELATED -j ACCEPT /sbin/ip6tables -A INPUT -i eth0 -p tcp --sport 25 --match state --state ESTABLISHED,RELATED -j ACCEPT -################### IPv4 Specific rules -# /sbin/iptables ... - # Allow DNS, NTP and traceroute traffic /sbin/ip6tables -A OUTPUT -p udp --dport 53 --match state --state NEW -j ACCEPT /sbin/ip6tables -A OUTPUT -p udp --dport 123 --match state --state NEW -j ACCEPT /sbin/ip6tables -A OUTPUT -p udp --dport 33434:33523 --match state --state NEW -j ACCEPT +################### IPv4 Specific rules +# /sbin/iptables ... + +# Allow DNS, NTP and traceroute traffic +/sbin/iptables -A OUTPUT -p udp --dport 53 --match state --state NEW -j ACCEPT +/sbin/iptables -A OUTPUT -p udp --dport 123 --match state --state NEW -j ACCEPT +/sbin/iptables -A OUTPUT -p udp --dport 33434:33523 --match state --state NEW -j ACCEPT