fix to avoid blocking INPUT/OUTPUT iptables chains

dyne · Nov 13, 2017 · dcf630d · dcf630d
1 parent b3c82c2
commit dcf630d
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/zlibs/iptables b/zlibs/iptables
@@ -342,7 +342,7 @@ iptables-start() {
 
     # Keep state of connections from local machine and private subnets
     iptables -A OUTPUT  -m state --state NEW -o ${interface} -j ACCEPT
-    # iptables -A FORWARD -m state --state NEW -o ${interface} -j ACCEPT
+    iptables -A FORWARD -m state --state NEW -o ${interface} -j ACCEPT
     iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
     iptables -A INPUT   -m state --state ESTABLISHED,RELATED -j ACCEPT