From d5795495186055bc4237a668868ffc56f15f6013 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 12 Mar 2019 10:52:04 +0100
Subject: [kiosk-common] Only allow 132.230.0.0/16? Very smart!

---
 .../openslx/lightdm/guest-account.d/00-iptables    | 26 ----------------------
 1 file changed, 26 deletions(-)
 delete mode 100644 core/modules/kiosk-common/data/opt/openslx/lightdm/guest-account.d/00-iptables

(limited to 'core/modules/kiosk-common')

diff --git a/core/modules/kiosk-common/data/opt/openslx/lightdm/guest-account.d/00-iptables b/core/modules/kiosk-common/data/opt/openslx/lightdm/guest-account.d/00-iptables
deleted file mode 100644
index 38e4893a..00000000
--- a/core/modules/kiosk-common/data/opt/openslx/lightdm/guest-account.d/00-iptables
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/ash
-# ^ SOURCED
-
-kiosk_rules="/opt/openslx/iptables/rules.d/90-kiosk"
-cat <<-EOF > "$kiosk_rules"
-  #!/bin/ash
-
-  iptables -w -A ipt-helper-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-  iptables -w -I ipt-helper-OUTPUT 1 -o br0 -d 132.230.0.0/16 -j ACCEPT
-  iptables -w -I ipt-helper-INPUT 1 -i br0 -d 132.230.0.0/16 -j ACCEPT
-  iptables -w -I ipt-helper-OUTPUT 1 -o br0 -d 10.0.0.0/8 -j ACCEPT
-  iptables -w -I ipt-helper-INPUT 1 -i br0 -d 10.0.0.0/8 -j ACCEPT
-
-  iptables -P INPUT DROP
-  iptables -P FORWARD DROP
-  iptables -P OUTPUT DROP
-EOF
-
-chmod +x "$kiosk_rules"
-
-# HACK: wait for iptables helper to setup the rules...
-sleep 2
-
-# make sure it is cleared on session close
-echo "rm -f \"$kiosk_rules\"" > "/etc/X11/Xreset.d/clear-kiosk-iptables"
-true
-- 
cgit v1.2.3-55-g7522