Skip to content

Commit

Permalink
fixed typo in iptables
Browse files Browse the repository at this point in the history
  • Loading branch information
@zenmonkeykstop
zenmonkeykstop committed Jul 8, 2020
1 parent 3ac152c commit ba5460f
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion molecule/testinfra/mon/iptables-mon-prodVM.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
-A OUTPUT -d {{ address }}/32 -p udp -m udp --dport 53 -m owner --uid-owner {{ postfix_user_id }} -m state --state NEW,RELATED,ESTABLISHED -m comment --comment "postfix dns rule" -j ACCEPT
{% endfor -%}
-A OUTPUT -p tcp -m tcp --dport 587 -m owner --uid-owner {{ postfix_user_id }} -m state --state NEW,RELATED,ESTABLISHED -m comment --comment "Allow ossec email alerts out" -j ACCEPT
-A OUTPUT -o eth1 -m owner --uid-owner 0 -m tcp --sport 22 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o eth1 -p tcp -m owner --uid-owner 0 -m tcp --sport 22 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -m comment --comment "Allow lo to lo traffic all protocols" -j ACCEPT
-A OUTPUT -m comment --comment "Drop all other outgoing traffic" -j DROP
-A LOGNDROP -p tcp -m limit --limit 5/min -j LOG --log-tcp-options --log-ip-options --log-uid
Expand Down

0 comments on commit ba5460f

Please sign in to comment.