base: allow icmp on all interfaces
This commit is contained in:
parent
b07eb816b3
commit
da8694ed11
@ -94,10 +94,10 @@
|
|||||||
extraCommands = ''
|
extraCommands = ''
|
||||||
iptables -A INPUT -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED
|
iptables -A INPUT -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED
|
||||||
iptables -A INPUT -j ACCEPT -i lo
|
iptables -A INPUT -j ACCEPT -i lo
|
||||||
|
iptables -A INPUT -j ACCEPT -p icmp
|
||||||
|
|
||||||
#iptables -N Retiolum
|
#iptables -N Retiolum
|
||||||
iptables -A INPUT -j Retiolum -i retiolum
|
iptables -A INPUT -j Retiolum -i retiolum
|
||||||
iptables -A Retiolum -j ACCEPT -p icmp
|
|
||||||
iptables -A Retiolum -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED
|
iptables -A Retiolum -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED
|
||||||
iptables -A Retiolum -j REJECT -p tcp --reject-with tcp-reset
|
iptables -A Retiolum -j REJECT -p tcp --reject-with tcp-reset
|
||||||
iptables -A Retiolum -j REJECT -p udp --reject-with icmp-port-unreachable
|
iptables -A Retiolum -j REJECT -p udp --reject-with icmp-port-unreachable
|
||||||
|
Loading…
Reference in New Issue
Block a user