diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2015-06-03 19:21:52 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2015-06-07 02:54:16 +0200 |
commit | 0dbdc948c7c2bda7e2610a7b48b17f63bec184ea (patch) | |
tree | 652b31f3b1b9deabc9b86da75849d0ed89ddd9d4 /roles | |
parent | fb9d6472095cdffd8f43c0416d63ef7b15cb598a (diff) |
firewall: allow 127.0.0.1/8 on lo.
Diffstat (limited to 'roles')
-rwxr-xr-x | roles/common/files/usr/local/sbin/update-firewall.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/common/files/usr/local/sbin/update-firewall.sh b/roles/common/files/usr/local/sbin/update-firewall.sh index 33b6ef1..f25f507 100755 --- a/roles/common/files/usr/local/sbin/update-firewall.sh +++ b/roles/common/files/usr/local/sbin/update-firewall.sh @@ -256,7 +256,7 @@ run() { iptables -A INPUT -p tcp \! --syn -m state --state NEW -j DROP # Allow all input/output to/from the loopback interface. - local localhost=$(inet46 $f '127.0.0.1/32' '::1/128') + local localhost=$(inet46 $f '127.0.0.1/8' '::1/128') iptables -A INPUT -i lo -s "$localhost" -d "$localhost" -j ACCEPT iptables -A OUTPUT -o lo -s "$localhost" -d "$localhost" -j ACCEPT |