[arch-commits] CVS update of core/support/iptables (PKGBUILD simple_firewall.rules)

Thomas Baechler thomas at archlinux.org
Tue Feb 26 15:02:26 UTC 2008 

    Date: Tuesday, February 26, 2008 @ 16:02:26
  Author: thomas
    Path: /home/cvs-core/core/support/iptables

Modified: PKGBUILD (1.38 -> 1.39) simple_firewall.rules (1.2 -> 1.3)

upgpkg: iptables 1.4.0-1


-----------------------+
 PKGBUILD              |   10 +++++-----
 simple_firewall.rules |    7 ++++++-
 2 files changed, 11 insertions(+), 6 deletions(-)


Index: core/support/iptables/PKGBUILD
diff -u core/support/iptables/PKGBUILD:1.38 core/support/iptables/PKGBUILD:1.39
--- core/support/iptables/PKGBUILD:1.38	Fri Nov 16 00:53:16 2007
+++ core/support/iptables/PKGBUILD	Tue Feb 26 16:02:26 2008
@@ -1,8 +1,8 @@
-# $Id: PKGBUILD,v 1.38 2007/11/15 23:53:16 daniel Exp $
+# $Id: PKGBUILD,v 1.39 2008/02/26 15:02:26 thomas Exp $
 # Maintainer: judd <jvinet at zeroflux.org>
 pkgname=iptables
-pkgver=1.3.8
-pkgrel=2
+pkgver=1.4.0
+pkgrel=1
 pkgdesc="A Linux kernel packet control tool"
 arch=('i686' 'x86_64')
 license=('GPL')
@@ -10,11 +10,11 @@
 depends=('glibc')
 source=(http://www.iptables.org/projects/iptables/files/iptables-$pkgver.tar.bz2 \
         iptables ip6tables empty.rules simple_firewall.rules iptables.conf.d)
-md5sums=('0a9209f928002e5eee9cdff8fef4d4b3'
+md5sums=('90cfa8a554a29b0b859a625e701af2a7'
          '89401d6f0cf1de46a455b7be6720a58b'
          '6e0e88c2ed0c3715d1409ee3258a0046'
          '14186bbafe21bb0638c0cb8e0903c829'
-         '188083c58ed74bcbe70012c9f8867c44'
+         'e53a83bb4d8ac8b7eadd7bd58294751d'
          'c7cf6e4455c228e50d20ce3edd75ee59')
 
 build() {
Index: core/support/iptables/simple_firewall.rules
diff -u core/support/iptables/simple_firewall.rules:1.2 core/support/iptables/simple_firewall.rules:1.3
--- core/support/iptables/simple_firewall.rules:1.2	Tue Sep 14 01:53:21 2004
+++ core/support/iptables/simple_firewall.rules	Tue Feb 26 16:02:26 2008
@@ -2,5 +2,10 @@
 :INPUT DROP [0:0]
 :FORWARD DROP [0:0]
 :OUTPUT ACCEPT [0:0]
--A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT 
+-A INPUT -p icmp -j ACCEPT 
+-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
+-A INPUT -i lo -j ACCEPT 
+-A INPUT -p tcp -j REJECT --reject-with tcp-reset 
+-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable 
+-A INPUT -j REJECT --reject-with icmp-proto-unreachable 
 COMMIT

More information about the arch-commits mailing list