From ac535ebbac3b78b126faa036044cb55d367f769c Mon Sep 17 00:00:00 2001
From: Jan Philipp Timme <jan.philipp@timme.it>
Date: Thu, 20 Sep 2018 11:39:41 +0200
Subject: [PATCH] More explicit iptables for ssh

---
 SRV-DOC-Inhalt.tex | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/SRV-DOC-Inhalt.tex b/SRV-DOC-Inhalt.tex
index 547bfac..4f99ca4 100644
--- a/SRV-DOC-Inhalt.tex
+++ b/SRV-DOC-Inhalt.tex
@@ -176,8 +176,8 @@ ip6tables -A INPUT -p udp --dport 1194 -j ACCEPT
 
 Antwortpakete für eingehende Pakete auf SSH und OpenVPN-Dienst sind erlaubt.
 \begin{lstlisting}
-iptables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
-ip6tables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
+iptables -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
+ip6tables -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
 
 iptables -A OUTPUT -p udp --sport 1194 -j ACCEPT
 ip6tables -A OUTPUT -p udp --sport 1194 -j ACCEPT