From 82113690fac6230bad718c286e5c4d3fc3a2ee8c Mon Sep 17 00:00:00 2001
From: Alex Denes
Date: Wed, 2 Jun 2021 15:59:50 +0000
Subject: [PATCH] Allow all traffic by default on private interface
---
 config/iptables/APKBUILD | 6 +++---
 config/iptables/rx-rules4 | 3 +--
 config/iptables/rx-rules6 | 3 +--
 3 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/config/iptables/APKBUILD b/config/iptables/APKBUILD
index 0fbb399..4bc84e3 100644
--- a/config/iptables/APKBUILD
+++ b/config/iptables/APKBUILD
@@ -3,7 +3,7 @@ . ../APKBUILD-config.template -pkgver=2021.06.01.03 +pkgver=2021.06.02.01 pkgrel=0 depends="redxen-config-ipset" source="
@@ -12,6 +12,6 @@ source=" " sha512sums=" -c29f7f22fcabdd90fb3cd63f1e67ce340145be9a832c0ce23fadfd2a83e477c90373c052c6d750d3136dfeb951098c2bc7d05e1bfd6b7cb8f886a2e632587094 rx-rules4 -92b3c7dad3bcf9583ae9af4ba111b35ac5d0eae3ca50969be2941efc72270dd423689cceb93d55fe0286949a7b4a124a0e59bb170a99776bf99c835884da060c rx-rules6 +3c07a4fd59b3e1785c816628a6d1fb37527bc0ca779d3b363af5d42904e7a8d26dcbe5d55f69bf6cd5bc5cf3ed14fd945ead099e32c61fe36029f28d352febca rx-rules4 +c1ff620f6b13e9a901fcb4c873493641f9e1e23adf72ecf549dab71b56c13d16e75e4e0e3517b38811ac4f52d1236f75878e7373528fe980d46e7735bbc371fa rx-rules6 "
diff --git a/config/iptables/rx-rules4 b/config/iptables/rx-rules4
index 2cd6763..a2c73e5 100644
--- a/config/iptables/rx-rules4
+++ b/config/iptables/rx-rules4
@@ -5,8 +5,7 @@
 -A INPUT -m conntrack --ctstate INVALID -j DROP
 -A INPUT -i lo -j ACCEPT
 -A INPUT -p icmp -j ACCEPT
--A INPUT -i tun0 -j ACCEPT
--A INPUT -i eth1 -p tcp -m tcp --dport 7521 -j ACCEPT
+-A INPUT -i eth1 -j ACCEPT
 -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
 -A INPUT -m set --match-set netwide4 src -j DROP
 -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
diff --git a/config/iptables/rx-rules6 b/config/iptables/rx-rules6
index ff792a1..a42f22e 100644
--- a/config/iptables/rx-rules6
+++ b/config/iptables/rx-rules6
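Review bot: The new `-A INPUT -i eth1 -j ACCEPT` in the rx-rules4 hunk sits above `-A INPUT -m set --match-set netwide4 src -j DROP`, so every packet arriving on eth1 is accepted for any protocol and port before the netwide4 blocklist is consulted, where the removed rule admitted only TCP 7521 on that interface. The rx-rules6 hunk has the same ordering against netwide6. Unless eth1 is strictly isolated from untrusted sources, scoping the rule to the expected range, e.g. `-A INPUT -i eth1 -s <PRIVATE_CIDR> -j ACCEPT` (placeholder value), or placing it after the set match would keep the blocklist effective on that interface. The hunk also removes `-A INPUT -i tun0 -j ACCEPT`, which the subject line does not mention; a `#` comment in the rules file or a line in the commit message saying whether tun0 is retired would make that intent reviewable. The chain policy and the rest of the ruleset lie outside the hunk, so what happens to traffic that matches none of these rules cannot be judged from here.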
@@ -5,8 +5,7 @@
 -A INPUT -m conntrack --ctstate INVALID -j DROP
 -A INPUT -i lo -j ACCEPT
 -A INPUT -p ipv6-icmp -j ACCEPT
--A INPUT -i tun0 -j ACCEPT
--A INPUT -i eth1 -p tcp -m tcp --dport 7521 -j ACCEPT
+-A INPUT -i eth1 -j ACCEPT
 -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
 -A INPUT -m set --match-set netwide6 src -j DROP
 -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT