lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-17 10:04:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

boot: apply default firewall policy before interface configuration, preventing possible accessibility of local services during the boot process.

Browse Source 
Although the risk of misuse is likely rather small, we better drop traffic if we don't know what should be allowed yet. Our default policy should take care of standard loopback behaviour, so the impact of this change should be relatively small.
This commit is contained in:
Ad Schellevis 2022-07-15 15:46:32 +02:00
parent a6ba422b23
commit e3051bd60b
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/etc/rc.bootup
View File

@ -88,6 +88,9 @@ system_hostname_configure(true);
system_hosts_generate(true);
system_syslog_start(true);
/* apply default policy before interface setup */
filter_configure_sync(true, false);
interfaces_configure(true);
system_resolvconf_generate(true);