On Mon, 2021-02-22 at 09:22 -1000, Joel Roth via Dng wrote: > I use this to remove all rules: > > iptables -P INPUT ACCEPT > iptables -P FORWARD ACCEPT > iptables -P OUTPUT ACCEPT > iptables -t nat -F > iptables -t mangle -F > iptables -F > iptables -X > > I can't speak for the provenance, but afterwards > iptables -n -L, shows ACCEPT for INPUT, OUTPUT and FORWARD, > with no other rules. > > > -- > Joel Roth
I do similar. I purge any firewalls and use iptables exclusively. Steve, one thing that's definitely important is for the host to have -P FORWARD ACCEPT in order for the VM to receive traffic. This is of course because it's acting as a bridge or switch between the default gateway and the VM. I second iptables-persistent. I feel more comfortable handling IPTABLES than learning a firewall that's going to use IPTABLES (or nftables, same thing pretty much) in the background. Gabe _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
