[firewall4] Si on mets les règles utilisant les module owner avant la conntrack, ça ne marche pas...

2013-04-07 16:21:51 +02:00 · 2013-04-07 16:21:51 +02:00 · 24ff398376
commit 24ff398376
parent 4362755898
1 changed files with 1 additions and 1 deletions
--- a/gestion/gen_confs/firewall4.py
+++ b/gestion/gen_confs/firewall4.py
@ -855,10 +855,10 @@ class firewall_zamok(firewall_base):
        chain = 'OUTPUT'
        self.add(table, chain , '-d 224.0.0.0/4 -j DROP')
        admin_vlan_chain = self.admin_vlan(table)
+        self.add(table, chain, '-m state --state RELATED,ESTABLISHED -j ACCEPT')
        for net in NETs['adm']:
            self.add(table, chain, '-d %s -j %s' % (net, admin_vlan_chain))
        self.add(table, chain, '-o lo -j ACCEPT')
-        self.add(table, chain, '-m state --state RELATED,ESTABLISHED -j ACCEPT')
        self.add(table, chain, '-j %s' % self.blacklist_output(table))

        return