free
/
freedomboneeee
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Don't accept RELATED packets

This commit is contained in:
Bob Mottram 2016-06-08 10:44:29 +01:00
parent 4f4354ba19
commit e830037a9c
No known key found for this signature in database
GPG Key ID: BA68F26108DC9F87
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/freedombone
View File

@ -4109,7 +4109,7 @@ function configure_firewall {
iptables -P INPUT DROP iptables -P INPUT DROP
ip6tables -P INPUT DROP ip6tables -P INPUT DROP
iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -m conntrack --ctstate ESTABLISHED -j ACCEPT
# Make sure incoming tcp connections are SYN packets # Make sure incoming tcp connections are SYN packets
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP