From f2b0d67d8ba7a8d69b7f32fc954b70cb2ab0ab32 Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Tue, 21 Feb 2023 15:20:49 -0500
Subject: [PATCH] update fw rules

---
 salt/firewall/iptables.jinja | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/salt/firewall/iptables.jinja b/salt/firewall/iptables.jinja
index 4d6ece25a..142f41ce8 100644
--- a/salt/firewall/iptables.jinja
+++ b/salt/firewall/iptables.jinja
@@ -101,10 +101,6 @@ COMMIT
 -A FORWARD -o sobridge -j DOCKER
 -A FORWARD -i sobridge ! -o sobridge -j ACCEPT
 -A FORWARD -i sobridge -o sobridge -j ACCEPT
--A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
--A FORWARD -i lo -j ACCEPT
--A FORWARD -m conntrack --ctstate INVALID -j DROP
--A FORWARD -j REJECT --reject-with icmp-host-prohibited
 -A OUTPUT -p icmp -m icmp --icmp-type 14 -j DROP
 
 {%- for rule in D2 %}