From 4a9732375aa488bdc383d9ff4b60c82be9c4cc5c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= <lauri@pinecrypt.com>
Date: Mon, 31 May 2021 21:12:45 +0300
Subject: [PATCH] Allow SSH connections in firewall config

---
 pinecrypt/server/cli.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pinecrypt/server/cli.py b/pinecrypt/server/cli.py
index 26e377d..e8734f8 100644
--- a/pinecrypt/server/cli.py
+++ b/pinecrypt/server/cli.py
@@ -230,6 +230,7 @@ def pinecone_provision():
         yield "-A INPUT -p icmp -j ACCEPT -m comment --comment \"Allow ping\""
         yield "-A INPUT -p esp -j ACCEPT -m comment --comment \"Allow ESP traffic\""
         yield "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -m comment --comment \"Allow returning packets\""
+        yield "-A INPUT -p tcp --dport 22 -j ACCEPT -m comment --comment \"Allow SSH\""
         yield "-A INPUT -p udp --dport 53 -j ACCEPT -m comment --comment \"Allow GoreDNS over UDP\""
         yield "-A INPUT -p tcp --dport 53 -j ACCEPT -m comment --comment \"Allow GoreDNS over TCP\""
         yield "-A INPUT -p tcp --dport 80 -j ACCEPT -m comment --comment \"Allow insecure HTTP\""