diff options
author | Christian Pointner <equinox@spreadspace.org> | 2019-01-19 02:15:00 +0100 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2019-01-19 02:15:00 +0100 |
commit | 75ecd447521bc2f9d7d5891da61f20f2c33345e8 (patch) | |
tree | cdf6f8efe1d0d7f4aead983245894930746582fd /roles/elevate/media/templates/firewall/elevate-office.sh.j2 | |
parent | added firewall script for all network setups (diff) |
fix firewall scripts
Diffstat (limited to 'roles/elevate/media/templates/firewall/elevate-office.sh.j2')
-rw-r--r-- | roles/elevate/media/templates/firewall/elevate-office.sh.j2 | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/roles/elevate/media/templates/firewall/elevate-office.sh.j2 b/roles/elevate/media/templates/firewall/elevate-office.sh.j2 index 19cea0db..26ee5afe 100644 --- a/roles/elevate/media/templates/firewall/elevate-office.sh.j2 +++ b/roles/elevate/media/templates/firewall/elevate-office.sh.j2 @@ -28,6 +28,7 @@ ipv4_up() { $FILTER -A INPUT -i lo -d 127.0.0.0/8 -s 127.0.0.0/8 -j ACCEPT $FILTER -A INPUT -i "$LAN_IF" -d "$LAN_IPADDR" -s "$LAN_IPADDR/$LAN_NETMASK" -j ACCEPT + $FILTER -A INPUT -i "$LAN_IF" -d "$LAN_IPADDR" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT $FILTER -P INPUT DROP $FILTER -P FORWARD DROP @@ -41,10 +42,10 @@ ipv4_up() { ######################### ipv6_up() { - $FILTER -A INPUT -i lo -j ACCEPT + $FILTER6 -A INPUT -i lo -j ACCEPT - $FILTER -P INPUT DROP - $FILTER -P FORWARD DROP + $FILTER6 -P INPUT DROP + $FILTER6 -P FORWARD DROP echo -n "success" } |