mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager
synced 2024-10-15 20:45:32 +00:00
f9e14805e6
SSH seems one of the few really trusted processes. It is even allowed for the public zone. Allow it in "nm-shared" zone too.
25 lines
729 B
XML
25 lines
729 B
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<zone target="ACCEPT">
|
|
<short>NetworkManager Shared</short>
|
|
|
|
<description>
|
|
This zone is used internally by NetworkManager when activating a
|
|
profile that uses connection sharing and doesn't have an explicit
|
|
firewall zone set.
|
|
Block all traffic to the local machine except ICMP, ICMPv6, DHCP
|
|
and DNS. Allow all forwarded traffic.
|
|
Note that future package updates may change the definition of the
|
|
zone unless you overwrite it with your own definition.
|
|
</description>
|
|
|
|
<rule priority='32767'>
|
|
<reject/>
|
|
</rule>
|
|
|
|
<protocol value='icmp'/>
|
|
<protocol value='ipv6-icmp'/>
|
|
<service name="dhcp"/>
|
|
<service name="dns"/>
|
|
<service name="ssh"/>
|
|
</zone>
|