Linux firewall fixes inspired by Richard.
* If firewall setup fails, don't fail completely open! Instead all full access to/from the firewall, but block all access to/from inside nodes. * Sort the rules by rule number so that user added rules get put in the correct place. * Fix the rules template for iptables so that user rules get inserted into an appropriate location. * Fix a bug in the anti-spoofing rules that would prevent any access from outside to the inside nodes.
Showing with 23 additions and 7 deletions