more explicit REJECT on snakebite whitehole
RETURN is implicit and assumes the default will be REJECT
ewdurbin committed Sep 7, 2023
1 parent ed19ff8 commit 0e2a423
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions pillar/base/firewall/snakebite.sls
Expand Up @@ -4,6 +4,6 @@ firewall:
snakebite-blackhole-udp:
raw: -A INPUT -p udp --destination-port 56666 -j DROP
snakebite-whitehole-tcp:
raw: -A INPUT -p tcp --destination-port 56667 -j RETURN
raw: -A INPUT -p tcp --destination-port 56667 -j REJECT
snakebite-whitehole-udp:
raw: -A INPUT -p udp --destination-port 56667 -j RETURN
raw: -A INPUT -p udp --destination-port 56667 -j REJECT
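
Review bot: the new REJECT on snakebite-whitehole-tcp carries no --reject-with option, so iptables answers with its default ICMP port-unreachable rather than a TCP RST. If the whitehole is meant to look like an ordinary closed port to TCP clients, consider `-j REJECT --reject-with tcp-reset` on the tcp rule and keep the plain REJECT for udp. Both rules are appended with -A, so they only take effect if no earlier INPUT rule already matches port 56667; worth confirming the ordering in the rendered ruleset. A short comment in snakebite.sls stating what the blackhole (DROP) and whitehole (REJECT) ports are for would also help, since the rule names alone do not explain the intended behaviour.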
