Diffstat (limited to 'roles/linux-ns/files/iptables/iptables.save')
-rw-r--r--roles/linux-ns/files/iptables/iptables.save4
1 files changed, 3 insertions, 1 deletions
diff --git a/roles/linux-ns/files/iptables/iptables.save b/roles/linux-ns/files/iptables/iptables.save
index 7a4504f..4f72cc5 100644
--- a/roles/linux-ns/files/iptables/iptables.save
+++ b/roles/linux-ns/files/iptables/iptables.save
@@ -1,6 +1,6 @@
*filter
:INPUT DROP [0:0]
-:FORWARD ACCEPT [0:0]
+:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
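Review bot: The new `:FORWARD DROP [0:0]` policy only covers IPv4, because this file is an iptables (IPv4) ruleset and an ip6tables FORWARD chain keeps its own policy. No IPv6 ruleset for this role is visible in this commit, so it is worth confirming that one exists and carries the same `:FORWARD DROP [0:0]` line. If the host is never meant to route, also consider keeping `net.ipv4.ip_forward` (and the IPv6 equivalent) at 0, so the firewall is not the only control. The `*filter` table continues past the end of this hunk.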
@@ -19,4 +19,6 @@
-A INPUT -p udp --dport 53 -j ACCEPT
-A INPUT -p tcp --dport 53 -j ACCEPT
+-A FORWARD -j REJECT --reject-with icmp-port-unreachable
+
COMMIT
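Review bot: The unconditional `-A FORWARD -j REJECT --reject-with icmp-port-unreachable` matches every forwarded packet, so the `:FORWARD DROP` policy set in the first hunk is never reached and senders get an ICMP reply rather than a silent drop. If the reply is intended, say so in the file with a comment line above the rule, such as `# Not a router: refuse all forwarded traffic explicitly; policy DROP is only the fallback`. If silent dropping was the goal, the rule can be removed and the policy left to do the work. Refused forwards currently leave no trace, so a rate-limited log rule ahead of the REJECT would help detection, e.g. `-A FORWARD -m limit --limit 5/min -j LOG --log-prefix "fw-forward: "`.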