geerlingguy / ansible-role-firewall

Ansible Role - iptables Firewall configuration.
https://galaxy.ansible.com/geerlingguy/firewall/
MIT License

Odd rule defaults that are not configurable. #110

Open animalillo opened 5 months ago

animalillo commented 5 months ago

This role adds by default ping and ntp on INPUT chains

ACCEPT icmp -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp spt:ntp

I don't want the machine to answer either ping or ntp by default on the public interfaces.

Another weird thing is that instead of setting the default policy to drop, it is adding a drop rule at the end of the chain. Wouldn't it be better to change the input policy to drop?
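An added example, not part of the issue or the role's own code: a shell audit that reads `iptables -S INPUT` output and flags the three conditions raised above (unscoped ICMP accept, unscoped accept on UDP source port 123, and a non-DROP policy backed only by a trailing drop rule). The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Audit `iptables -S INPUT` output (stdin). One finding per line; silent if clean.
# On a host: iptables -S INPUT | audit_input_chain

audit_input_chain() {
    awk '
    # Unscoped = no inbound interface or source address restriction.
    function unscoped(rule) {
        return rule !~ / (-i|--in-interface|-s|--source) /
    }
    $1 == "-P" && $2 == "INPUT" { policy = $3 }
    $1 == "-A" && $2 == "INPUT" {
        last = $0
        accept = ($0 ~ / -j ACCEPT$/)
        # Every ICMP type, from any source, on any interface.
        if (accept && unscoped($0) && $0 ~ / -p icmp / && $0 !~ /--icmp-type/)
            print "icmp-accept-any: " $0
        # Matches on SOURCE port 123 with no destination port restriction.
        if (accept && unscoped($0) && $0 ~ / -p udp / && $0 ~ / --sport 123 /)
            print "ntp-sport-accept-any: " $0
    }
    END {
        if (policy == "DROP") exit
        # A trailing drop rule is lost when the chain is flushed; the policy is not.
        if (last ~ /^-A INPUT -j (DROP|REJECT)/)
            print "policy-" policy "-with-trailing-drop-rule"
        else
            print "policy-" policy "-no-default-deny"
    }'
}

# Constructed sample ruleset containing the two rules quoted in the issue
# plus a trailing drop rule; not captured from a real host.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p udp -m udp --sport 123 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j DROP
EOF
}

sample_rules | audit_input_chain
```
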

github-actions[bot] commented 1 month ago

This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!

Please read this blog post to see the reasons why I mark issues as stale.