Fix minor problem with wrong chain being checked resulting in multiple iptables entries created when script runs multiple times.

2024-12-25 15:29:29 -05:00 · 2019-09-02 13:01:22 +02:00 · 2019-09-02 13:01:22 +02:00 · 8f3c4343b5
commit 8f3c4343b5
parent f9fab270e8
1 changed files with 2 additions and 2 deletions
--- a/user/security-in-qubes/firewall.md
+++ b/user/security-in-qubes/firewall.md
@ -369,8 +369,8 @@ if iptables -N MY-HTTPS; then

 fi

-# If no forward rule exist for my service
-if ! iptables -n -L FORWARD | grep --quiet MY-HTTPS; then
+# If no input rule exists for my service
+if ! iptables -n -L INPUT | grep --quiet MY-HTTPS; then

 # add a forward rule for the traffic (same reason)
  iptables -I INPUT 5 -d 10.137.2.x -p tcp --dport 443 -m conntrack --ctstate NEW -j MY-HTTPS