8000 more explicit REJECT on snakebite whitehole · python/psf-salt@0e2a423 · GitHub
[go: up one dir, main page]
Skip to content

Commit 0e2a423

Browse files
ewdurbinewdurbin
committed
more explicit REJECT on snakebite whitehole
RETURN is implicit and assumes the default will be REJECT
1 parent ed19ff8 commit 0e2a423

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

pillar/base/firewall/snakebite.sls

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,6 @@ firewall:
44
snakebite-blackhole-udp:
55
raw: -A INPUT -p udp --destination-port 56666 -j DROP
66
snakebite-whitehole-tcp:
7-
raw: -A INPUT -p tcp --destination-port 56667 -j RETURN
7+
raw: -A INPUT -p tcp --destination-port 56667 -j REJECT
88
snakebite-whitehole-udp:
9-
raw: -A INPUT -p udp --destination-port 56667 -j RETURN
9+
raw: -A INPUT -p udp --destination-port 56667 -j REJECT

0 commit comments

Comments
 (0)
0