CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

update fw rules

Browse Source
This commit is contained in:
m0duspwnens
2023-02-21 15:11:14 -05:00
parent a3bda9b322
commit de499ead0c
1 changed files with 0 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/firewall/iptables.jinja
View File

@@ -93,7 +93,6 @@ COMMIT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT -A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP -A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p icmp -j ACCEPT -A INPUT -p icmp -j ACCEPT
-A INPUT -j LOGGING -A INPUT -j LOGGING
-A FORWARD -j DOCKER-USER -A FORWARD -j DOCKER-USER
@@ -106,7 +105,6 @@ COMMIT
-A FORWARD -i lo -j ACCEPT -A FORWARD -i lo -j ACCEPT
-A FORWARD -m conntrack --ctstate INVALID -j DROP -A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 14 -j DROP -A OUTPUT -p icmp -m icmp --icmp-type 14 -j DROP
{%- for rule in D2 %} {%- for rule in D2 %}