base: allow icmp on all interfaces

This commit is contained in:
lassulus 2015-06-01 03:10:06 +02:00
parent b07eb816b3
commit da8694ed11

View File

@ -94,10 +94,10 @@
extraCommands = '' extraCommands = ''
iptables -A INPUT -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED iptables -A INPUT -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED
iptables -A INPUT -j ACCEPT -i lo iptables -A INPUT -j ACCEPT -i lo
iptables -A INPUT -j ACCEPT -p icmp
#iptables -N Retiolum #iptables -N Retiolum
iptables -A INPUT -j Retiolum -i retiolum iptables -A INPUT -j Retiolum -i retiolum
iptables -A Retiolum -j ACCEPT -p icmp
iptables -A Retiolum -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED iptables -A Retiolum -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED
iptables -A Retiolum -j REJECT -p tcp --reject-with tcp-reset iptables -A Retiolum -j REJECT -p tcp --reject-with tcp-reset
iptables -A Retiolum -j REJECT -p udp --reject-with icmp-port-unreachable iptables -A Retiolum -j REJECT -p udp --reject-with icmp-port-unreachable