diff options
author | Simon Rettberg | 2021-02-23 12:27:30 +0100 |
---|---|---|
committer | Simon Rettberg | 2021-02-23 12:27:30 +0100 |
commit | a36a681c8487298e3a28247a062cc95e317fd054 (patch) | |
tree | 89e4fe2a37ab5bd0f59af2033c13abf59e442a05 | |
parent | [run-virt] set-firewall: Support port in add_ips, add conntrack RELATED (diff) | |
download | mltk-a36a681c8487298e3a28247a062cc95e317fd054.tar.gz mltk-a36a681c8487298e3a28247a062cc95e317fd054.tar.xz mltk-a36a681c8487298e3a28247a062cc95e317fd054.zip |
[iptables-helper] Allways allow loopback
-rwxr-xr-x | core/modules/iptables-helper/data/opt/openslx/iptables/iptables-reloader-worker | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/core/modules/iptables-helper/data/opt/openslx/iptables/iptables-reloader-worker b/core/modules/iptables-helper/data/opt/openslx/iptables/iptables-reloader-worker index 0c8277a2..62eada61 100755 --- a/core/modules/iptables-helper/data/opt/openslx/iptables/iptables-reloader-worker +++ b/core/modules/iptables-helper/data/opt/openslx/iptables/iptables-reloader-worker @@ -62,6 +62,11 @@ reload_rules () { iptables -w -t mangle -I "$chain" 1 -j "ipt-helper-$chain" done + # Loopback + iptables -w -A ipt-helper-INPUT -i lo -j ACCEPT + iptables -w -A ipt-helper-OUTPUT -o lo -j ACCEPT + # TODO: IPv6 (in general) + # Apply local LOGFILE=$(mktemp) local DISABLED="/opt/openslx/iptables/rules.d/disabled/" |