From 657a1bc9886f39fbc93c7fbcd121d2b39ca20621 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9mi=20-=20Le=20Filament?= <remi@le-filament.com>
Date: Thu, 3 Jun 2021 11:32:29 +0200
Subject: [PATCH] Remove unnecessary ports on INPUT

---
 templates/iptables.conf.j2 | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/templates/iptables.conf.j2 b/templates/iptables.conf.j2
index 28f407f..2f2e449 100644
--- a/templates/iptables.conf.j2
+++ b/templates/iptables.conf.j2
@@ -35,11 +35,6 @@
 {% if inventory_hostname in groups.docker_nagios %}
 -A INPUT -s 192.168.239.0/24 -p tcp -m tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
 {% endif %}
-# DNS
--A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
--A INPUT -p udp -m udp --dport 53 -j ACCEPT
-# DHCP
--A INPUT -p udp -m udp --dport 68 -j ACCEPT
 # NRPE
 {% for host in groups.docker_nagios %}
 -A INPUT -s {{ hostvars[host].ansible_host }} -p tcp -m tcp --dport 5666 -m state --state NEW,ESTABLISHED -j ACCEPT
-- 
GitLab