From 2b46e473600b2b45cd02c3734cb3acbc81e24013 Mon Sep 17 00:00:00 2001 From: Rui Quintino Date: Wed, 20 Aug 2025 23:41:38 +0100 Subject: [PATCH] update to icmp-admin-prohibited makes more sense for the intended usage --- .devcontainer/init-firewall.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.devcontainer/init-firewall.sh b/.devcontainer/init-firewall.sh index aa018725..062fcfdb 100644 --- a/.devcontainer/init-firewall.sh +++ b/.devcontainer/init-firewall.sh @@ -114,7 +114,7 @@ iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -m set --match-set allowed-domains dst -j ACCEPT # Explicitly REJECT all other outbound traffic for immediate feedback -iptables -A OUTPUT -j REJECT --reject-with icmp-port-unreachable +iptables -A OUTPUT -j REJECT --reject-with icmp-admin-prohibited echo "Firewall configuration complete" echo "Verifying firewall rules..."