diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2018-12-08 01:05:28 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2018-12-09 20:25:39 +0100 |
| commit | bccbd0d4c0faf46e911284e599cc22da2c9b04d9 (patch) | |
| tree | f97f322251eae8d5fb84ddc217fd65ac6a67c4ed /roles/common | |
| parent | d6ce377c2eea26b3ba708b70de942af81c94e813 (diff) | |
Firewall: REJECT outgoing connections instead of DROPing them.
Diffstat (limited to 'roles/common')
| -rwxr-xr-x | roles/common/files/usr/local/sbin/update-firewall.sh | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/roles/common/files/usr/local/sbin/update-firewall.sh b/roles/common/files/usr/local/sbin/update-firewall.sh index 207eada..36c12c6 100755 --- a/roles/common/files/usr/local/sbin/update-firewall.sh +++ b/roles/common/files/usr/local/sbin/update-firewall.sh @@ -327,6 +327,7 @@ run() { iptables $iptNew $if -p $proto $optsNew -m state --state $stNew -j ACCEPT iptables $iptEst $if -p $proto $optsEst -m state --state $stEst -j ACCEPT done + iptables -A OUTPUT -o $if -j REJECT ######################################################################## commit |