diff options
| author | Niklas Yann Wettengel <niyawe@niyawe.de> | 2018-01-29 13:36:13 +0100 |
|---|---|---|
| committer | Niklas Yann Wettengel <niyawe@niyawe.de> | 2018-01-29 13:36:13 +0100 |
| commit | 53be5c3014f47b731124a336a4659ce879609142 (patch) | |
| tree | 81387bd29e66219ef6e91bece5d5388a7510314d /roles/configure_iptables/templates/iptables.rules | |
| parent | 09ae1230753c1db32eac9c3e30ebceab7d6d2b56 (diff) | |
reject forwarded traffic going out on the default gateway
Diffstat (limited to 'roles/configure_iptables/templates/iptables.rules')
| -rw-r--r-- | roles/configure_iptables/templates/iptables.rules | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/roles/configure_iptables/templates/iptables.rules b/roles/configure_iptables/templates/iptables.rules index d832362..be2965d 100644 --- a/roles/configure_iptables/templates/iptables.rules +++ b/roles/configure_iptables/templates/iptables.rules @@ -66,6 +66,7 @@ COMMIT -A FORWARD -i bat{{ site.name }} -p udp --dport 10010:10021 -j REJECT {% endfor %} {% endif %} +-A FORWARD -o {{ ansible_default_ipv4.interface }} -j REJECT COMMIT *nat |