From ecbfa206091574f913a1914447bad79206eff548 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Sun, 30 May 2021 22:00:52 +0100 Subject: doc: Fix example iptables configuration. * doc/guix.texi (Networking Services): Allow established and related incoming connections in example iptables configuration. Signed-off-by: Arun Isaac --- doc/guix.texi | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/guix.texi b/doc/guix.texi index ed442d3f9b..eb64518a95 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -16450,6 +16450,7 @@ configuration rejecting all incoming connections except those to the ssh port :INPUT ACCEPT :FORWARD ACCEPT :OUTPUT ACCEPT +-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -A INPUT -p tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-port-unreachable COMMIT @@ -16458,6 +16459,7 @@ COMMIT :INPUT ACCEPT :FORWARD ACCEPT :OUTPUT ACCEPT +-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -A INPUT -p tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp6-port-unreachable COMMIT -- cgit 1.4.1