From a9f5c22a3b41c9d7b4b5022a1ca9b6695e52d0e9 Mon Sep 17 00:00:00 2001 From: AngeD Date: Wed, 8 Nov 2023 16:14:41 +0100 Subject: [PATCH] feat: autoload iptables rules --- README.md | 4 ++-- install.sh | 12 +++++++----- rootfs/etc/iptables/ip6tables.rules | 6 ++++++ 3 files changed, 15 insertions(+), 7 deletions(-) create mode 100644 rootfs/etc/iptables/ip6tables.rules diff --git a/README.md b/README.md index bbddfd8..40d0b57 100644 --- a/README.md +++ b/README.md @@ -21,8 +21,8 @@ If you want to install a gui $EDITOR ./gui/config ./gui/install.sh -$EDITOR ./gui/config -./gui/install.sh +$EDITOR ./gui/$GUI/config +./gui/$GUI/install.sh ``` For the dotfiles, run the script as the newly created user: diff --git a/install.sh b/install.sh index 0203c8d..369f1c1 100755 --- a/install.sh +++ b/install.sh @@ -30,11 +30,13 @@ sed -i '/^HOOKS=(/s/filesystems/encrypt filesystems/' /etc/mkinitcpio.conf # Packages $PACMAN "${pkg[@]}" "$cpu-ucode" -systemctl enable \ - NetworkManager \ - podman.socket \ - reflector.timer \ - systemd-resolved \ +systemctl enable \ + NetworkManager \ + ip6tables \ + iptables \ + podman.socket \ + reflector.timer \ + systemd-resolved \ systemd-timesyncd if ls -d /sys/class/power_supply/BAT*/ > /dev/null 2>&1; then diff --git a/rootfs/etc/iptables/ip6tables.rules b/rootfs/etc/iptables/ip6tables.rules new file mode 100644 index 0000000..f33b7f0 --- /dev/null +++ b/rootfs/etc/iptables/ip6tables.rules @@ -0,0 +1,6 @@ +*filter +:INPUT DROP [0:0] +:FORWARD DROP [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT +COMMIT
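Review bot: The `iptables` unit is enabled in the `systemctl enable` list of install.sh, but this commit adds only `rootfs/etc/iptables/ip6tables.rules`, so the patch does not show which IPv4 rule set that service will load at boot. If no matching `rootfs/etc/iptables/iptables.rules` already exists in the repository, IPv4 presumably falls back to whatever the package ships and does not get the default-drop policy that IPv6 gets here. A comment above the list such as `# iptables/ip6tables load the rule files installed from rootfs/etc/iptables/` would make the dependency on the rootfs copy step explicit. That copy step and the rest of install.sh are outside the hunk, so confirm the rule files are in place before first boot.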
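Review bot: The new ip6tables.rules sets `:INPUT DROP` and accepts only `RELATED,ESTABLISHED`, which leaves out the loopback interface and ICMPv6 neighbour discovery. Neighbour solicitations and router advertisements are not classified as RELATED or ESTABLISHED by conntrack, so dropping them is likely to break IPv6 address resolution and autoconfiguration, and new connections to `::1` from local processes are dropped as well. Consider adding `-A INPUT -i lo -j ACCEPT` and `-A INPUT -p ipv6-icmp -j ACCEPT` before `COMMIT`, or a narrower ICMPv6 type list if you want to follow RFC 4890 more strictly. If the host obtains addresses over DHCPv6, the replies to UDP port 546 from `fe80::/10` probably need an explicit accept too. A leading `#` comment stating the intended policy (default deny inbound, allow all outbound) would help the next maintainer.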