doc: Fix example iptables configuration.

* doc/guix.texi (Networking Services): Allow established and related incoming connections in example iptables configuration. Signed-off-by: Arun Isaac <arunisaac@systemreboot.net>
author: Eric Brown <ecbrown@ericcbrown.com> 2021-05-30 22:00:52 +0100
committer: Arun Isaac <arunisaac@systemreboot.net> 2021-06-04 00:11:47 +0530
commit: ecbfa206091574f913a1914447bad79206eff548 (patch)
tree: 350a0606d15651b22973901a1deeff2660c41066 /doc
parent: 9703a51048fbc1d322595d676ff0d63b1eb89304 (diff)
download: guix-ecbfa206091574f913a1914447bad79206eff548.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index ed442d3f9b..eb64518a95 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -16450,6 +16450,7 @@ configuration rejecting all incoming connections except those to the ssh port
 :INPUT ACCEPT
 :FORWARD ACCEPT
 :OUTPUT ACCEPT
+-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
 -A INPUT -p tcp --dport 22 -j ACCEPT
 -A INPUT -j REJECT --reject-with icmp-port-unreachable
 COMMIT
@@ -16458,6 +16459,7 @@ COMMIT
 :INPUT ACCEPT
 :FORWARD ACCEPT
 :OUTPUT ACCEPT
+-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
 -A INPUT -p tcp --dport 22 -j ACCEPT
 -A INPUT -j REJECT --reject-with icmp6-port-unreachable
 COMMIT
author	Eric Brown <ecbrown@ericcbrown.com>	2021-05-30 22:00:52 +0100
committer	Arun Isaac <arunisaac@systemreboot.net>	2021-06-04 00:11:47 +0530
commit	ecbfa206091574f913a1914447bad79206eff548 (patch)
tree	350a0606d15651b22973901a1deeff2660c41066 /doc
parent	9703a51048fbc1d322595d676ff0d63b1eb89304 (diff)
download	guix-ecbfa206091574f913a1914447bad79206eff548.tar.gz