Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

remove default rules from template #1

Merged
merged 1 commit into from

2 participants

@jeremiahsnapp

I'm not sure why these default rules should be in this cookbook. I think the user should have complete control over what rules are used.

@jvehent jvehent merged commit 9aaab36 into from
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Oct 1, 2012
  1. @jeremiahsnapp
This page is out of date. Refresh to see the latest.
Showing with 0 additions and 4 deletions.
  1. +0 −4 templates/default/rules.iptables.erb
View
4 templates/default/rules.iptables.erb
@@ -48,10 +48,6 @@ COMMIT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-# some default rules we want to open everywhere
--A INPUT -p tcp --dport 22 -s 10.0.0.0/8 -j ACCEPT
--A INPUT -p tcp --dport 22 -s 172.30.0.0/16 -j ACCEPT
--A OUTPUT -p udp --dport 53 -d 10.0.0.0/8 -j ACCEPT
<% node['afw']['tables']['filter']['chains'].sort_by{|k| k}.each do |chain| -%>
<%=chain%>
<% end -%>
Something went wrong with that request. Please try again.