diff options
| author |  netblue30 <netblue30@protonmail.com> | 2022-10-25 14:33:56 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@protonmail.com> | 2022-10-25 14:33:56 -0400 |
| commit | 549d59f55df0b5412eb5fbecfb3586bfa222bd8d (patch) | |
| tree | 4e4b196fb1931bd510ae77b4de6de4326d5f1d03 /etc/net/nolocal.net | |
| parent | removed grsecurity support (diff) | |
| download | firejail-549d59f55df0b5412eb5fbecfb3586bfa222bd8d.tar.gz firejail-549d59f55df0b5412eb5fbecfb3586bfa222bd8d.tar.zst firejail-549d59f55df0b5412eb5fbecfb3586bfa222bd8d.zip | |
fix nolocal netfilter
Diffstat (limited to 'etc/net/nolocal.net')
| -rw-r--r-- | etc/net/nolocal.net | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/net/nolocal.net b/etc/net/nolocal.net index 0eb9f9784..a37b18599 100644 --- a/etc/net/nolocal.net +++ b/etc/net/nolocal.net | |||
| @@ -20,8 +20,8 @@ | |||
| 20 | 20 | ||
| 21 | # allow ping etc. | 21 | # allow ping etc. |
| 22 | -A INPUT -p icmp --icmp-type destination-unreachable -j ACCEPT | 22 | -A INPUT -p icmp --icmp-type destination-unreachable -j ACCEPT |
| 23 | -A INPUT -p icmp --icmp-type time-exceeded -j ACCEPT | ||
| 24 | -A INPUT -p icmp --icmp-type echo-request -j ACCEPT | 23 | -A INPUT -p icmp --icmp-type echo-request -j ACCEPT |
| 24 | -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT | ||
| 25 | 25 | ||
| 26 | # accept dns requests going out to a server on the local network | 26 | # accept dns requests going out to a server on the local network |
| 27 | -A OUTPUT -p udp --dport 53 -j ACCEPT | 27 | -A OUTPUT -p udp --dport 53 -j ACCEPT |