--- .../firewall/files/chain_rules/filter/INPUT.head | 2 +- .../firewall/files/chain_rules/filter/INPUT.tail | 2 ++ 2 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/recipes/firewall/files/chain_rules/filter/INPUT.head b/recipes/firewall/files/chain_rules/filter/INPUT.head index e12264a..2ed0a94 100644 --- a/recipes/firewall/files/chain_rules/filter/INPUT.head +++ b/recipes/firewall/files/chain_rules/filter/INPUT.head @@ -1,5 +1,5 @@ # INPUT.head --P INPUT DROP +-P INPUT ACCEPT #-i lo -m comment --comment "localhost access" -j ACCEPT -i lo -j ACCEPT #-m state --state RELATED,ESTABLISHED -m comment --comment "All established/related" -j ACCEPT diff --git a/recipes/firewall/files/chain_rules/filter/INPUT.tail b/recipes/firewall/files/chain_rules/filter/INPUT.tail index d1c2492..1c983ec 100644 --- a/recipes/firewall/files/chain_rules/filter/INPUT.tail +++ b/recipes/firewall/files/chain_rules/filter/INPUT.tail @@ -1,3 +1,5 @@ # INPUT.tail # -m comment --comment "Logging" -m limit --limit 3/minute -j LOG --log-prefix "[IPTABLES] INPUT : " -m limit --limit 3/minute -j LOG --log-prefix "[IPTABLES] INPUT : " + +-j REJECT