diff options
| author | root <root@rshg054.dnsready.net> | 2013-01-08 01:01:51 -0800 |
|---|---|---|
| committer | root <root@rshg054.dnsready.net> | 2013-01-08 01:01:51 -0800 |
| commit | c6944c224fa06987b04ffc1e90f5db0dfb200be9 (patch) | |
| tree | 9660fefded7f8fd5e1ea1a47e60c13e80bbb7d25 /core/iptables/simple_firewall.rules | |
| parent | 6691bda410e7b989932f459d788e7caa7bbd3a41 (diff) | |
Tue Jan 8 01:01:51 PST 2013
Diffstat (limited to 'core/iptables/simple_firewall.rules')
| -rw-r--r-- | core/iptables/simple_firewall.rules | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/core/iptables/simple_firewall.rules b/core/iptables/simple_firewall.rules index e1604cc36..63426b083 100644 --- a/core/iptables/simple_firewall.rules +++ b/core/iptables/simple_firewall.rules @@ -3,7 +3,7 @@ :FORWARD DROP [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -p icmp -j ACCEPT --A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT +-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -j REJECT --reject-with tcp-reset -A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable |