* firewall.nix: Only flush/delete the chains created by us.

svn path=/nixos/trunk/; revision=26271
2024-11-11 04:02:55 +03:00 · 2011-03-11 11:53:18 +00:00 · 2011-03-11 11:53:18 +00:00 · ab0ce6734b
commit ab0ce6734b
parent f672aa71bf
1 changed files with 4 additions and 3 deletions
--- a/modules/services/networking/firewall.nix
+++ b/modules/services/networking/firewall.nix
@ -116,7 +116,8 @@ in
              ip6tables "$@"
            }

-            ip46tables -F
+            ip46tables -F INPUT
+            ip46tables -F FW_REFUSE || true
            ip46tables -X # flush unused chains
            ip46tables -P INPUT DROP

@ -179,9 +180,9 @@ in

        postStop =
          ''
-            iptables -F
+            iptables -F INPUT
            iptables -P INPUT ACCEPT
-            ip6tables -F
+            ip6tables -F INPUT
            ip6tables -P INPUT ACCEPT
          '';
      };