base: allow icmp on all interfaces

author: lassulus <lass@aidsballs.de> 2015-06-01 03:10:06 +0200
committer: lassulus <lass@aidsballs.de> 2015-06-01 03:10:06 +0200
commit: 2742c4c4964c9dbadba41629b22563bd510a73ed (patch)
tree: 220f1896f45ab751e531a69ac1b1b6687f827c67 /modules
parent: 4e8688b3f1b4460a71f21475e9c1438088c972f9 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/lass/base.nix b/modules/lass/base.nix
index 87127fb..3a8d879 100644
--- a/modules/lass/base.nix
+++ b/modules/lass/base.nix
@@ -94,10 +94,10 @@
     extraCommands = ''
       iptables -A INPUT -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED
       iptables -A INPUT -j ACCEPT -i lo
+      iptables -A INPUT -j ACCEPT -p icmp
 
       #iptables -N Retiolum
       iptables -A INPUT -j Retiolum -i retiolum
-      iptables -A Retiolum -j ACCEPT -p icmp
       iptables -A Retiolum -j ACCEPT -m conntrack --ctstate RELATED,ESTABLISHED
       iptables -A Retiolum -j REJECT -p tcp --reject-with tcp-reset
       iptables -A Retiolum -j REJECT -p udp --reject-with icmp-port-unreachable
author	lassulus <lass@aidsballs.de>	2015-06-01 03:10:06 +0200
committer	lassulus <lass@aidsballs.de>	2015-06-01 03:10:06 +0200
commit	2742c4c4964c9dbadba41629b22563bd510a73ed (patch)
tree	220f1896f45ab751e531a69ac1b1b6687f827c67 /modules
parent	4e8688b3f1b4460a71f21475e9c1438088c972f9 (diff)