diff options
| author | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2009-03-12 11:31:42 -0700 |
|---|---|---|
| committer | Stephen Hemminger <stephen.hemminger@vyatta.com> | 2009-03-12 11:31:42 -0700 |
| commit | 7981321561add3874ca28f1f59bb170b7e214de2 (patch) | |
| tree | 4dfa1e4a70c5ab3a052d71dfe4ea17aa258169e6 /scripts/firewall | |
| parent | a76180820eb08f3957ab36e25cada8ab0f0ccc5d (diff) | |
| download | vyatta-cfg-firewall-7981321561add3874ca28f1f59bb170b7e214de2.tar.gz vyatta-cfg-firewall-7981321561add3874ca28f1f59bb170b7e214de2.zip | |
Don't use -P
Changing default property of rules screws up other things
Diffstat (limited to 'scripts/firewall')
| -rw-r--r-- | scripts/firewall/firewall.init.in | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in index 4d8608f..efdc04c 100644 --- a/scripts/firewall/firewall.init.in +++ b/scripts/firewall/firewall.init.in @@ -58,8 +58,8 @@ start () { iptables -A VYATTA_POST_FW_HOOK -j ACCEPT # enforce strict host matching (see bug 4061) - iptables -P INPUT -j DROP iptables -A INPUT -m strict -j VYATTA_POST_FW_HOOK + iptables -A INPUT -j DROP iptables -A FORWARD -j VYATTA_POST_FW_HOOK |