nils/gluon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gluon-core: firewall: make the default input policy REJECT

Browse Source 
Fixes #1311
This commit is contained in:
Matthias Schiffer 2018-01-17 09:40:03 +01:00
parent a32fddf38c
commit 01336f70ec
No known key found for this signature in database
GPG Key ID: 16EF3F64CB201D9C
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/gluon-core/luasrc/lib/gluon/upgrade/140-firewall-rules
View File

@ -3,6 +3,10 @@
local uci = require('simple-uci').cursor() local uci = require('simple-uci').cursor()
local defaults = uci:get_first('firewall', 'defaults')
uci:set('firewall', defaults, 'input', 'REJECT')
local function reject_input_on_wan(zone) local function reject_input_on_wan(zone)
if zone.name == 'wan' then if zone.name == 'wan' then
uci:set('firewall', zone['.name'], 'input', 'REJECT') uci:set('firewall', zone['.name'], 'input', 'REJECT')