Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only drop traffic to the Weave Net port on 127.0.0.1 #3811

Merged
merged 1 commit into from
May 30, 2020
Merged

Only drop traffic to the Weave Net port on 127.0.0.1 #3811

merged 1 commit into from
May 30, 2020

Conversation

bboreham
Copy link
Contributor

@bboreham bboreham commented May 29, 2020
edited

Only block the specific port Weave Net is listening on.
Add a comment so users know what the rule is for.

Remove the rule added in v2.6.3 because it was too coarse.

Fixes #3810

@bboreham bboreham mentioned this pull request May 29, 2020
Closed
@bboreham bboreham changed the title Don't drop traffic to 127.0.0.1 which is being DNATted Only drop traffic to the Weave Net port on 127.0.0.1 May 29, 2020
@bboreham
Use a more targeted iptables rule to block access to control port
a46d18d 
Only block the specific port Weave Net is listening on.
Add a comment so users know what the rule is for.

Remove the rule added in v2.6.3 because it was too coarse.
@bboreham bboreham changed the base branch from master to 2.6 May 30, 2020 10:06
@bboreham bboreham merged commit bef50d3 into 2.6 May 30, 2020
@bboreham bboreham deleted the allow-dnat-127 branch May 30, 2020 10:07
@bboreham bboreham modified the milestones: 2.6.5, 2.6.4 Jun 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.6.4
Development

Successfully merging this pull request may close these issues.

Weave firewall rule interferes with local traffic
1 participant
@bboreham