Last committer removed the IPv4 UDP rules?! Re-adding.
This commit is contained in:
parent
f84add886a
commit
ec14ee9f3e
10
firewall.rc
10
firewall.rc
|
@ -82,11 +82,15 @@ NTPOK='0.0.0.0/0'
|
||||||
/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 443 --match state --state ESTABLISHED,RELATED -j ACCEPT
|
/sbin/ip6tables -A INPUT -i $INT -p tcp --sport 443 --match state --state ESTABLISHED,RELATED -j ACCEPT
|
||||||
/sbin/ip6tables -A INPUT -i eth0 -p tcp --sport 25 --match state --state ESTABLISHED,RELATED -j ACCEPT
|
/sbin/ip6tables -A INPUT -i eth0 -p tcp --sport 25 --match state --state ESTABLISHED,RELATED -j ACCEPT
|
||||||
|
|
||||||
################### IPv4 Specific rules
|
|
||||||
# /sbin/iptables ...
|
|
||||||
|
|
||||||
# Allow DNS, NTP and traceroute traffic
|
# Allow DNS, NTP and traceroute traffic
|
||||||
/sbin/ip6tables -A OUTPUT -p udp --dport 53 --match state --state NEW -j ACCEPT
|
/sbin/ip6tables -A OUTPUT -p udp --dport 53 --match state --state NEW -j ACCEPT
|
||||||
/sbin/ip6tables -A OUTPUT -p udp --dport 123 --match state --state NEW -j ACCEPT
|
/sbin/ip6tables -A OUTPUT -p udp --dport 123 --match state --state NEW -j ACCEPT
|
||||||
/sbin/ip6tables -A OUTPUT -p udp --dport 33434:33523 --match state --state NEW -j ACCEPT
|
/sbin/ip6tables -A OUTPUT -p udp --dport 33434:33523 --match state --state NEW -j ACCEPT
|
||||||
|
|
||||||
|
################### IPv4 Specific rules
|
||||||
|
# /sbin/iptables ...
|
||||||
|
|
||||||
|
# Allow DNS, NTP and traceroute traffic
|
||||||
|
/sbin/iptables -A OUTPUT -p udp --dport 53 --match state --state NEW -j ACCEPT
|
||||||
|
/sbin/iptables -A OUTPUT -p udp --dport 123 --match state --state NEW -j ACCEPT
|
||||||
|
/sbin/iptables -A OUTPUT -p udp --dport 33434:33523 --match state --state NEW -j ACCEPT
|
||||||
|
|
Loading…
Reference in a new issue