More explicit iptables for ssh

2018-09-20 11:39:41 +02:00 · 2018-09-20 11:39:41 +02:00 · ac535ebbac
parent dbe365c87c
commit ac535ebbac
1 changed files with 2 additions and 2 deletions
--- a/SRV-DOC-Inhalt.tex
+++ b/SRV-DOC-Inhalt.tex
@ -176,8 +176,8 @@ ip6tables -A INPUT -p udp --dport 1194 -j ACCEPT

 Antwortpakete für eingehende Pakete auf SSH und OpenVPN-Dienst sind erlaubt.
 \begin{lstlisting}
-iptables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
-ip6tables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
+iptables -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
+ip6tables -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

 iptables -A OUTPUT -p udp --sport 1194 -j ACCEPT
 ip6tables -A OUTPUT -p udp --sport 1194 -j ACCEPT