summaryrefslogtreecommitdiffstats
path: root/package/network/config/firewall/files
diff options
context:
space:
mode:
authorSteven Barth <cyrus@openwrt.org>2015-07-24 10:00:45 +0000
committerSteven Barth <cyrus@openwrt.org>2015-07-24 10:00:45 +0000
commitf6abd042c29f5a69d56151f884fbf4f4e834e674 (patch)
tree47097a5dc240ee067e62a29b76f242b6ca8a382e /package/network/config/firewall/files
parent1b6a6abf0439177cba1fdea3ae91a7354fe74841 (diff)
downloadmaster-31e0f0ae-f6abd042c29f5a69d56151f884fbf4f4e834e674.tar.gz
master-31e0f0ae-f6abd042c29f5a69d56151f884fbf4f4e834e674.tar.bz2
master-31e0f0ae-f6abd042c29f5a69d56151f884fbf4f4e834e674.zip
firewall: comply with REC-22, REC-24 of RFC 6092
Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 46478
Diffstat (limited to 'package/network/config/firewall/files')
-rw-r--r--package/network/config/firewall/files/firewall.config23
1 files changed, 11 insertions, 12 deletions
diff --git a/package/network/config/firewall/files/firewall.config b/package/network/config/firewall/files/firewall.config
index 1a20e39ca5..5d0e3cbc66 100644
--- a/package/network/config/firewall/files/firewall.config
+++ b/package/network/config/firewall/files/firewall.config
@@ -159,19 +159,18 @@ config include
# option proto tcp
# allow IPsec/ESP and ISAKMP passthrough
-#config rule
-# option src wan
-# option dest lan
-# option protocol esp
-# option target ACCEPT
+config rule
+ option src wan
+ option dest lan
+ option protocol esp
+ option target ACCEPT
-#config rule
-# option src wan
-# option dest lan
-# option src_port 500
-# option dest_port 500
-# option proto udp
-# option target ACCEPT
+config rule
+ option src wan
+ option dest lan
+ option dest_port 500
+ option proto udp
+ option target ACCEPT
### FULL CONFIG SECTIONS
#config rule
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 16:04:51 +0000