216,7 → 216,7 |
# lors d'une règle de PREROUTING (voir plus bas) |
# Deny direct connections on DansGuardian port (8080) |
# The concerned paquets are marked by a pre-routing rule (see further) |
$IPTABLES -A INPUT -i $TUNIF -p tcp --dport 8080 -m mark --mark 1 -j DROP |
$IPTABLES -A INPUT -i $TUNIF -p tcp --dport 8080 -m mark --mark 1 -j REJECT --reject-with tcp-reset |
# Autorisation des connexions à DansGuardian |
# Allow connections for DansGuardian |
$IPTABLES -A INPUT -i $TUNIF -p tcp --dport 8080 -m state --state NEW --syn -j ACCEPT |