From 12cb08b82a8d2dd7ff40d11c02178de916d835e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=81LI=20G=C3=A1bor=20J=C3=A1nos?= <pali.gabor@gmail.com>
Date: Tue, 19 Mar 2024 11:01:46 +0100
Subject: iptables: drop redundant rules about forwarding

There is actually no point in keeping those 2 rules as the default
action in `FORWARD` chain is `ACCEPT` anyways.  Removing them helps
to save a few CPU cycles.

Submitted by:	Anton Saietskii <vsasjason@gmail.com>
---
 etc/wpa_supplicant/appliance/iptables.sample | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'etc/wpa_supplicant/appliance')

diff --git a/etc/wpa_supplicant/appliance/iptables.sample b/etc/wpa_supplicant/appliance/iptables.sample
index 3a3cd5f..4543480 100644
--- a/etc/wpa_supplicant/appliance/iptables.sample
+++ b/etc/wpa_supplicant/appliance/iptables.sample
@@ -10,9 +10,6 @@
 *filter
 :INPUT ACCEPT [0:0]
 :OUTPUT ACCEPT [0:0]
-:FORWARD ACCEPT [0:0]
-[0:0] -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-[0:0] -A FORWARD -i eth0 -o wlan0 -j ACCEPT
 COMMIT
 *nat
 :INPUT ACCEPT [0:0]
-- 
cgit v1.2.3