summaryrefslogtreecommitdiffstats
path: root/roles/common
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2018-12-08 01:05:28 +0100
committerGuilhem Moulin <guilhem@fripost.org>2018-12-09 20:25:39 +0100
commitbccbd0d4c0faf46e911284e599cc22da2c9b04d9 (patch)
treef97f322251eae8d5fb84ddc217fd65ac6a67c4ed /roles/common
parentd6ce377c2eea26b3ba708b70de942af81c94e813 (diff)
Firewall: REJECT outgoing connections instead of DROPing them.
Diffstat (limited to 'roles/common')
-rwxr-xr-xroles/common/files/usr/local/sbin/update-firewall.sh1
1 files changed, 1 insertions, 0 deletions
diff --git a/roles/common/files/usr/local/sbin/update-firewall.sh b/roles/common/files/usr/local/sbin/update-firewall.sh
index 207eada..36c12c6 100755
--- a/roles/common/files/usr/local/sbin/update-firewall.sh
+++ b/roles/common/files/usr/local/sbin/update-firewall.sh
@@ -327,6 +327,7 @@ run() {
iptables $iptNew $if -p $proto $optsNew -m state --state $stNew -j ACCEPT
iptables $iptEst $if -p $proto $optsEst -m state --state $stEst -j ACCEPT
done
+ iptables -A OUTPUT -o $if -j REJECT
########################################################################
commit