diff options
author | lassulus <lassulus@lassul.us> | 2018-01-02 18:24:40 +0100 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2018-01-02 18:24:40 +0100 |
commit | 67458e15f442d16d645f92b8f3de5f226212696a (patch) | |
tree | 7ee36e618d920fc05401fd6c70dbd001a3f41d5b | |
parent | 115b4c0afebe1f7a7a53c4d82842a7072a3bf2dd (diff) |
iptables: set empty default rules
-rw-r--r-- | krebs/3modules/iptables.nix | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index d64ed86de..6298a05a5 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -61,6 +61,15 @@ let }; }; }))); + default = { + filter.INPUT.policy = "ACCEPT"; + filter.FORWARD.policy = "ACCEPT"; + filter.OUTPUT.policy = "ACCEPT"; + nat.PREROUTING.policy = "ACCEPT"; + nat.INPUT.policy = "ACCEPT"; + nat.OUTPUT.policy = "ACCEPT"; + nat.POSTROUTING.policy = "ACCEPT"; + }; }; }; |