ExternalVendorCode/balena-supervisor
1
0
Fork 0
mirror of https://github.com/balena-os/balena-supervisor.git synced 2024-12-18 21:27:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #2386 from balena-os/allow-dns-from-custom-bridge-ifaces-for-firewall

Browse Source 
Firewall: allow DNS requests from custom Docker bridge networks
This commit is contained in:
flowzone-app[bot] 2024-11-11 19:01:51 +00:00 committed by GitHub
commit b3b1fddfa5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/lib/firewall.ts
View File

@ -56,12 +56,19 @@ const standardServices: iptables.Rule[] = [
target: 'ACCEPT',
},
{
comment: 'DNS',
comment: 'DNS from balena0',
action: iptables.RuleAction.Append,
proto: 'udp',
matches: ['--dport 53', '-i balena0'],
target: 'ACCEPT',
},
{
comment: 'DNS from custom Engine networks',
action: iptables.RuleAction.Append,
proto: 'udp',
matches: ['--dport 53', '-i br+'],
target: 'ACCEPT',
},
];
const standardPolicy: iptables.Rule[] = [