From fc4231a876410e7c1bfffd497c6b3467c9e6a436 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Sat, 19 Jan 2019 23:20:09 +0100
Subject: elevate/media: firewall config was a little to strict

---
 roles/elevate/media/templates/firewall/lan-only.sh.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'roles/elevate/media/templates/firewall/lan-only.sh.j2')

diff --git a/roles/elevate/media/templates/firewall/lan-only.sh.j2 b/roles/elevate/media/templates/firewall/lan-only.sh.j2
index aa9f03d8..4431ade0 100644
--- a/roles/elevate/media/templates/firewall/lan-only.sh.j2
+++ b/roles/elevate/media/templates/firewall/lan-only.sh.j2
@@ -25,7 +25,7 @@ LAN_NETMASK="{{ network.primary.mask }}"
 #########################
 
 ipv4_up() {
-  $FILTER -A INPUT -i lo -d 127.0.0.0/8 -s 127.0.0.0/8 -j ACCEPT
+  $FILTER -A INPUT -i lo -j ACCEPT
 
   $FILTER -A INPUT -i "$LAN_IF" -d "$LAN_IPADDR" -s "$LAN_IPADDR/$LAN_NETMASK" -j ACCEPT
   $FILTER -A INPUT -i "$LAN_IF" -d "$LAN_IPADDR" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-- 
cgit v1.2.3