Permalink
Browse files

remove default rules from template

  • Loading branch information...
1 parent ee4dc64 commit 9d48cfafc043138cff0c38b1cfa8402e148c8bf0 @jeremiahsnapp jeremiahsnapp committed Oct 1, 2012
Showing with 0 additions and 4 deletions.
  1. +0 −4 templates/default/rules.iptables.erb
View
4 templates/default/rules.iptables.erb
@@ -48,10 +48,6 @@ COMMIT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-# some default rules we want to open everywhere
--A INPUT -p tcp --dport 22 -s 10.0.0.0/8 -j ACCEPT
--A INPUT -p tcp --dport 22 -s 172.30.0.0/16 -j ACCEPT
--A OUTPUT -p udp --dport 53 -d 10.0.0.0/8 -j ACCEPT
<% node['afw']['tables']['filter']['chains'].sort_by{|k| k}.each do |chain| -%>
<%=chain%>
<% end -%>

0 comments on commit 9d48cfa

Please sign in to comment.