diff options
author | Steven Barth <steven@midlink.org> | 2015-07-27 11:47:56 +0000 |
---|---|---|
committer | Steven Barth <steven@midlink.org> | 2015-07-27 11:47:56 +0000 |
commit | 2c77afaa7b6efdd5230236a8fbd9e2a527753cc6 (patch) | |
tree | ad67a25857c65b7c4517ba3df5f3f2b37578501b /package/network/config/firewall/files/firewall.config | |
parent | 0c4feeac8211bd3cc617958cd766cc8cdf73c1f1 (diff) | |
download | upstream-2c77afaa7b6efdd5230236a8fbd9e2a527753cc6.tar.gz upstream-2c77afaa7b6efdd5230236a8fbd9e2a527753cc6.tar.bz2 upstream-2c77afaa7b6efdd5230236a8fbd9e2a527753cc6.zip |
firewall: comply with REC-22, REC-24 of RFC 6092
Signed-off-by: Steven Barth <steven@midlink.org>
git-svn-id: svn://svn.openwrt.org/openwrt/branches/chaos_calmer@46507 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/network/config/firewall/files/firewall.config')
-rw-r--r-- | package/network/config/firewall/files/firewall.config | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/package/network/config/firewall/files/firewall.config b/package/network/config/firewall/files/firewall.config index 1a20e39ca5..5d0e3cbc66 100644 --- a/package/network/config/firewall/files/firewall.config +++ b/package/network/config/firewall/files/firewall.config @@ -159,19 +159,18 @@ config include # option proto tcp # allow IPsec/ESP and ISAKMP passthrough -#config rule -# option src wan -# option dest lan -# option protocol esp -# option target ACCEPT +config rule + option src wan + option dest lan + option protocol esp + option target ACCEPT -#config rule -# option src wan -# option dest lan -# option src_port 500 -# option dest_port 500 -# option proto udp -# option target ACCEPT +config rule + option src wan + option dest lan + option dest_port 500 + option proto udp + option target ACCEPT ### FULL CONFIG SECTIONS #config rule |