Closed Aniem closed 12 years ago
This commit: https://github.com/example42/puppet-iptables/commit/6bc16dff9118b9cdb326b648f71ec8e8d36a2a2e should allow customization of these general rules. Let me know, please, it it applies to your case.
It does. It's now working very well ;)
For instance, ICMP default rules are placed on top. This keeps users to block ICMP traffic except from certain hosts. (For example monitoring service a server rental provider might offer) By placing general rules on the footer, one can add personnalisable rules to DROP all ICMP traffic except some specific one.