FirewallΒΆ
Service users are allowed to add custom firewall rules. To do so place
configuration files containing iptables rules in the directory local
at
/var/lib/iptables/rules.d/filter
or
/var/lib/ip6tables/rules.d/filter
according the appropriate iptables
chain. The filenames have to start with at least two digits and are joined
together by ascending numbers.
For example, to add a ruleset for outgoing IPv6 connections, place a
configuration file at
/var/lib/ip6tables/rules.d/filter/OUTPUT/local/60custom
Altered configuration files are activated on a regular basis by a cron job every
10 minutes. Alternatively, service users (or those with sudo-srv
permissions)
can trigger an update run manually:
sudo localconfig