marketing-shibata50/claude-code
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add Explicit REJECT

Browse source 
Allows for immediate (~20ms) for any blocked call instead of long timeout
This commit is contained in:
Rui Quintino 2025-08-20 23:17:44 +01:00 committed by GitHub
parent 239aeb55ee
commit c58a7da257
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.devcontainer/init-firewall.sh
View file

@ -113,6 +113,9 @@ iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Then allow only specific outbound traffic to allowed domains
iptables -A OUTPUT -m set --match-set allowed-domains dst -j ACCEPT
# Explicitly REJECT all other outbound traffic for immediate feedback
iptables -A OUTPUT -j REJECT --reject-with icmp-port-unreachable
echo "Firewall configuration complete"
echo "Verifying firewall rules..."
if curl --connect-timeout 5 https://example.com >/dev/null 2>&1; then