base: allow icmp on all interfaces

author: lassulus <lass@aidsballs.de> 2015-06-01 03:10:06 +0200
committer: lassulus <lass@aidsballs.de> 2015-06-01 03:10:06 +0200
commit: da8694ed1197d943a9f635f237f2b2339236f9eb (patch)
tree: 220f1896f45ab751e531a69ac1b1b6687f827c67 /modules
parent: b07eb816b3d985ceb705cba30fea119e1c956eaa (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/lass/base.nix b/modules/lass/base.nix
index 87127fb8..3a8d879e 100644
--- a/modules/lass/base.nix
+++ b/modules/lass/base.nix
@@ -94,10 +94,10 @@
     extraCommands = ''
       iptables -A INPUT -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED
       iptables -A INPUT -j ACCEPT -i lo
+      iptables -A INPUT -j ACCEPT -p icmp
 
       #iptables -N Retiolum
       iptables -A INPUT -j Retiolum -i retiolum
-      iptables -A Retiolum -j ACCEPT -p icmp
       iptables -A Retiolum -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED
       iptables -A Retiolum -j REJECT -p tcp --reject-with tcp-reset
       iptables -A Retiolum -j REJECT -p udp --reject-with icmp-port-unreachable
author	lassulus <lass@aidsballs.de>	2015-06-01 03:10:06 +0200
committer	lassulus <lass@aidsballs.de>	2015-06-01 03:10:06 +0200
commit	da8694ed1197d943a9f635f237f2b2339236f9eb (patch)
tree	220f1896f45ab751e531a69ac1b1b6687f827c67 /modules
parent	b07eb816b3d985ceb705cba30fea119e1c956eaa (diff)