ange/archinstall
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: autoload iptables rules

Browse Source
This commit is contained in:
AngeD 2023-11-08 16:14:41 +01:00
parent 856a444267
commit a9f5c22a3b
3 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -21,8 +21,8 @@ If you want to install a gui
$EDITOR ./gui/config $EDITOR ./gui/config
./gui/install.sh ./gui/install.sh
$EDITOR ./gui/config $EDITOR ./gui/$GUI/config
./gui/install.sh ./gui/$GUI/install.sh
``` ```
For the dotfiles, run the script as the newly created user: For the dotfiles, run the script as the newly created user:

2
install.sh
View File

@ -32,6 +32,8 @@ sed -i '/^HOOKS=(/s/filesystems/encrypt filesystems/' /etc/mkinitcpio.conf
$PACMAN "${pkg[@]}" "$cpu-ucode" $PACMAN "${pkg[@]}" "$cpu-ucode"
systemctl enable \ systemctl enable \
NetworkManager \ NetworkManager \
ip6tables \
iptables \
podman.socket \ podman.socket \
reflector.timer \ reflector.timer \
systemd-resolved \ systemd-resolved \

6
rootfs/etc/iptables/ip6tables.rules Normal file
View File

@ -0,0 +1,6 @@
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT