diff --git a/scripts/remote-install.sh b/scripts/remote-install.sh index 289ad335..67610b53 100644 --- a/scripts/remote-install.sh +++ b/scripts/remote-install.sh @@ -197,8 +197,11 @@ then # Force hostid for IOU dd if=/dev/zero bs=4 count=1 of=/etc/hostid - # Block iou call. The server is down - echo "127.0.0.254 xml.cisco.com" | tee --append /etc/hosts + # Block potential IOU phone home call (xml.cisco.com is not in use at this time) + iptables -I OUTPUT -p udp --dport 53 -m string --hex-string "|03|xml|05|cisco|03|com" --algo bm -j DROP + echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections + echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections + apt-get install -y iptables-persistent fi log "Add gns3 to the kvm group"