diff --git a/configs/iptables/APKBUILD b/configs/iptables/APKBUILD index aab2e59..b02fe23 100644 --- a/configs/iptables/APKBUILD +++ b/configs/iptables/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Alex Denes pkgname=redxen-config-iptables pkgver=2021.01.28 -pkgrel=1 +pkgrel=2 pkgdesc="IPTables firewall configs" url="https://git.redxen.eu/RedXen" arch="noarch" @@ -20,5 +20,5 @@ package() { install -Dm644 rules-v6 "$pkgdir"/etc/iptables/rx-rules6 } -sha512sums="f8bd50b8798bc2a073129be5ea6e3a9e4884f8497effcda68273167a5e5627cc6a543b727cdd9a76570852845a09b2e9d7b1e84568d82328ce810f34f2940b38 rules-v4 -b9dc931b6acc3b1ddfe243063e85b7578681174fd3deb2e301a5437536188f5bc7adaaf8a8f47a3e13b6a17cd53c7389e8911908b6093bee19b18de5519963e2 rules-v6" +sha512sums="c29f7f22fcabdd90fb3cd63f1e67ce340145be9a832c0ce23fadfd2a83e477c90373c052c6d750d3136dfeb951098c2bc7d05e1bfd6b7cb8f886a2e632587094 rules-v4 +92b3c7dad3bcf9583ae9af4ba111b35ac5d0eae3ca50969be2941efc72270dd423689cceb93d55fe0286949a7b4a124a0e59bb170a99776bf99c835884da060c rules-v6" diff --git a/configs/iptables/rules-v4 b/configs/iptables/rules-v4 index c3c8ae5..2cd6763 100644 --- a/configs/iptables/rules-v4 +++ b/configs/iptables/rules-v4 @@ -7,8 +7,8 @@ -A INPUT -p icmp -j ACCEPT -A INPUT -i tun0 -j ACCEPT -A INPUT -i eth1 -p tcp -m tcp --dport 7521 -j ACCEPT --A INPUT -m set --match-set netwide4 src -j DROP -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT +-A INPUT -m set --match-set netwide4 src -j DROP -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT COMMIT diff --git a/configs/iptables/rules-v6 b/configs/iptables/rules-v6 index d21df7b..ff792a1 100644 --- a/configs/iptables/rules-v6 +++ b/configs/iptables/rules-v6 @@ -7,8 +7,8 @@ -A INPUT -p ipv6-icmp -j ACCEPT -A INPUT -i tun0 -j ACCEPT -A INPUT -i eth1 -p tcp -m tcp --dport 7521 -j ACCEPT --A INPUT -m set --match-set netwide6 src -j DROP -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT +-A INPUT -m set --match-set netwide6 src -j DROP -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT COMMIT