From d9b54ce295130bfe3d1c4be7f0e4db1e8e4331f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Tue, 5 Jul 2016 16:15:00 +0200 Subject: [PATCH] Reject all network connexions. --- fs/opt/groomer/init.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/fs/opt/groomer/init.sh b/fs/opt/groomer/init.sh index a926213..1854986 100755 --- a/fs/opt/groomer/init.sh +++ b/fs/opt/groomer/init.sh @@ -33,5 +33,11 @@ chown -R kitten:kitten /tmp/libreoffice mkdir /tmp/libreoffice_config chown -R kitten:kitten /tmp/libreoffice_config +# Reject all network connexions. +iptables -F +iptables -A INPUT -j REJECT +iptables -A OUTPUT -j REJECT +iptables -A FORWARD -j REJECT + su ${USERNAME} -c ./groomer.sh