document firewall rules (#6)

2017-12-11 08:44:34 +01:00 · 2017-12-11 08:44:34 +01:00 · 28566d7f29
parent 82d6b7ea28
commit 28566d7f29
1 changed files with 14 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -63,3 +63,17 @@ ssh root@rpi3
 # Enter password “raspberry”
 ```

+Note that the default firewall rules only allow SSH access from the local
+network. If you wish to enable SSH access globally, first change your root
+password using `passwd`. Next, issue the following commands as root to remove
+the corresponding firewall rules:
+
+```shell
+iptables -F INPUT
+ip6tables -F INPUT
+```
+
+This will allow SSH connections globally until the next reboot. To make this
+persistent, remove the lines containing "REJECT" in `/etc/iptables/rules.v4` and
+`/etc/iptables/rules.v6`.
+