Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Do not allow NEW connection to VM through ProxyVM. #136

Browse Source
This commit is contained in:
Tomasz Sterna 2011-03-27 17:23:58 +02:00
parent dab24a2090
commit 04a6b01b1b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dom0/qvm-core/qubes.py
View File

@ -1333,7 +1333,7 @@ class QubesProxyVm(QubesNetVm):
iptables += "-A FORWARD -i vif{0}.0 -j {1}\n".format(xid, default_action) iptables += "-A FORWARD -i vif{0}.0 -j {1}\n".format(xid, default_action)
iptables += "#End of VM rules\n" iptables += "#End of VM rules\n"
iptables += "-A FORWARD -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT\n" iptables += "-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT\n"
iptables += "-A FORWARD -j DROP\n" iptables += "-A FORWARD -j DROP\n"
iptables += "COMMIT" iptables += "COMMIT"