From 1fa231e9c48ae0e548f566033200cd1817e6dc17 Mon Sep 17 00:00:00 2001
From: Jochen Demmer <jochen@winteltosh.de>
Date: Sun, 11 Dec 2022 11:20:25 +0100
Subject: [PATCH] major bug: default input was set to allow

---
 roles/ansible_openwrtfirewall/defaults/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/ansible_openwrtfirewall/defaults/main.yml b/roles/ansible_openwrtfirewall/defaults/main.yml
index e0a1b20..42536b2 100644
--- a/roles/ansible_openwrtfirewall/defaults/main.yml
+++ b/roles/ansible_openwrtfirewall/defaults/main.yml
@@ -6,7 +6,7 @@ openwrt_firewall_deploypath: "{{ openwrt_firewall_deployroot }}etc/config"
 openwrt_firewall_deployfile: "firewall"
 openwrt_firewall_setdefaultzones: true
 openwrt_firewall_default_forward: "REJECT"
-openwrt_firewall_default_input: "ACCEPT"
+openwrt_firewall_default_input: "REJECT"
 openwrt_firewall_default_output: "ACCEPT"
 openwrt_firewall_default_synflood_protect: 1
 openwrt_firewall_default_flow_offloading: 0