| 216,7 → 216,7 |
|---|
| # lors d'une règle de PREROUTING (voir plus bas) |
| # Deny direct connections on DansGuardian port (8080) |
| # The concerned paquets are marked by a pre-routing rule (see further) |
| $IPTABLES -A INPUT -i $TUNIF -p tcp --dport 8080 -m mark --mark 1 -j DROP |
| $IPTABLES -A INPUT -i $TUNIF -p tcp --dport 8080 -m mark --mark 1 -j REJECT --reject-with tcp-reset |
| # Autorisation des connexions à DansGuardian |
| # Allow connections for DansGuardian |
| $IPTABLES -A INPUT -i $TUNIF -p tcp --dport 8080 -m state --state NEW --syn -j ACCEPT |