From: root Date: Thu, 16 Apr 2009 14:22:42 +0000 (+0200) Subject: vuurmuur: Fix accept rule for outgoing verserver connections. X-Git-Url: https://git.stderr.nl/gitweb?a=commitdiff_plain;h=2c279488e0cf61a9ead59deada6180477f479d0f;p=matthijs%2Fservers%2Fdrsnuggles.git vuurmuur: Fix accept rule for outgoing verserver connections. Since vuurmuur doesn't have native support for "internal" networks, we can't limit this rule to just vservers. --- diff --git a/etc/vuurmuur/rules/rules.conf b/etc/vuurmuur/rules/rules.conf index b7085fe..1532bbe 100644 --- a/etc/vuurmuur/rules/rules.conf +++ b/etc/vuurmuur/rules/rules.conf @@ -1,6 +1,6 @@ RULE="Accept service ping from any to any options comment=\"ping\"" RULE="Accept service any from firewall to world.inet options comment=\"Outgoing host traffic\"" -RULE="Accept service any from vservers.internal to world.inet options comment=\"Outgoing vserver traffic\"" +RULE="Accept service any from any to world.inet options comment=\"Outgoing vserver traffic (but from any due to vuurmuur limits)\"" RULE="Snat service any from vservers.internal to world.inet options comment=\"snat for vservers\"" RULE="separator" RULE="Accept service any from zeratul.direct to firewall options comment=\"direct traffic from zeratul\""