Fix typo that temporarily allowed client-to-client communication over IPv6
This commit is contained in:
parent
c1dd674319
commit
3744284fcc
|
@ -83,7 +83,7 @@ iptables -t nat -A POSTROUTING -s 10.2.0.0/16 ! -d 10.2.0.0/16 -j SNAT --to 141.
|
|||
|
||||
# Datenverkehr zwischen VPN-Clients ist verboten und wird verworfen.
|
||||
iptables -A FORWARD -s 10.2.0.0/16 -d 10.2.0.0/16 -j log_and_drop
|
||||
ip6tables -A FORWARD -s 2001:638:614:1750::/64 -d 2001:683:614:1750::/64 -j log_and_drop
|
||||
ip6tables -A FORWARD -s 2001:638:614:1750::/64 -d 2001:638:614:1750::/64 -j log_and_drop
|
||||
|
||||
# Datenverkehr aus dem VPN zu Hosts in der DMZ ist verboten.
|
||||
#iptables -A FORWARD -s 10.2.0.0/16 -d 141.71.38.0/24 -j log_and_drop
|
||||
|
|
Loading…
Reference in New Issue