diff options
author | Nicolas Thill <nico@openwrt.org> | 2008-09-24 15:10:16 +0000 |
---|---|---|
committer | Nicolas Thill <nico@openwrt.org> | 2008-09-24 15:10:16 +0000 |
commit | 6ae32471154fc0b83a566b4c52448e1e62316406 (patch) | |
tree | 0b83a91c7f2413667c7238fa94624316b2c779d6 /package/firewall/files/firewall.config | |
parent | 255da4e2c1cd917acc2abcd94bb37b9f7293d420 (diff) | |
download | upstream-6ae32471154fc0b83a566b4c52448e1e62316406.tar.gz upstream-6ae32471154fc0b83a566b4c52448e1e62316406.tar.bz2 upstream-6ae32471154fc0b83a566b4c52448e1e62316406.zip |
firewall changes:
- implement a REJECT policy and enable it by default, reject packets with approriate response (closes: #3970)
- cleanup syn_flood and remove logging
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12688 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/firewall/files/firewall.config')
-rwxr-xr-x | package/firewall/files/firewall.config | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/package/firewall/files/firewall.config b/package/firewall/files/firewall.config index fe5d38d2b9..8ac9049553 100755 --- a/package/firewall/files/firewall.config +++ b/package/firewall/files/firewall.config @@ -1,20 +1,20 @@ config defaults option syn_flood 1 - option input DROP + option input REJECT option output ACCEPT - option forward DROP + option forward REJECT config zone option name lan option input ACCEPT option output ACCEPT - option forward DROP + option forward REJECT config zone option name wan - option input DROP + option input REJECT option output ACCEPT - option forward DROP + option forward REJECT option masq 1 config forwarding |