From 3cfbc61f4ece1a7b7ee1f38990eba347575699d4 Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Wed, 10 Feb 2021 11:15:39 -0500
Subject: [PATCH] only save at the end

---
 salt/firewall/init.sls | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/salt/firewall/init.sls b/salt/firewall/init.sls
index 687774a58..6b3a43a6e 100644
--- a/salt/firewall/init.sls
+++ b/salt/firewall/init.sls
@@ -34,7 +34,6 @@ iptables_allow_established:
     - jump: ACCEPT
     - match: conntrack
     - ctstate: 'RELATED,ESTABLISHED'
-    - save: True
 
 # I like pings
 iptables_allow_pings:
@@ -43,7 +42,6 @@ iptables_allow_pings:
     - chain: INPUT
     - jump: ACCEPT
     - proto: icmp
-    - save: True
 
 # Create the chain for logging
 iptables_LOGGING_chain:
@@ -68,7 +66,6 @@ iptables_log_input_drops:
     - table: filter
     - chain: INPUT
     - jump: LOGGING
-    - save: True
 
 # Enable global DOCKER-USER block rule
 enable_docker_user_fw_policy:
@@ -79,7 +76,6 @@ enable_docker_user_fw_policy:
     - in-interface: '!docker0'
     - out-interface: docker0
     - position: 1
-    - save: True
 
 enable_docker_user_established:
   iptables.insert:
@@ -89,7 +85,6 @@ enable_docker_user_established:
     - in-interface: '!docker0'
     - out-interface: docker0
     - position: 1
-    - save: True
     - match: conntrack
     - ctstate: 'RELATED,ESTABLISHED'
 
@@ -115,7 +110,6 @@ enable_docker_user_established:
               {% if action == 'insert' %}
     - position: 1
               {% endif %}
-    - save: True
 
               {% endfor %}
             {% endfor %}