aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/config/firewall
diff options
context:
space:
mode:
authorSteven Barth <cyrus@openwrt.org>2015-07-24 10:00:45 +0000
committerSteven Barth <cyrus@openwrt.org>2015-07-24 10:00:45 +0000
commitf6abd042c29f5a69d56151f884fbf4f4e834e674 (patch)
tree47097a5dc240ee067e62a29b76f242b6ca8a382e /package/network/config/firewall
parent1b6a6abf0439177cba1fdea3ae91a7354fe74841 (diff)
downloadupstream-f6abd042c29f5a69d56151f884fbf4f4e834e674.tar.gz
upstream-f6abd042c29f5a69d56151f884fbf4f4e834e674.tar.bz2
upstream-f6abd042c29f5a69d56151f884fbf4f4e834e674.zip
firewall: comply with REC-22, REC-24 of RFC 6092
Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 46478
Diffstat (limited to 'package/network/config/firewall')
-rw-r--r--package/network/config/firewall/Makefile2
-rw-r--r--package/network/config/firewall/files/firewall.config23
2 files changed, 12 insertions, 13 deletions
diff --git a/package/network/config/firewall/Makefile b/package/network/config/firewall/Makefile
index b4294f2e93..9a077241a3 100644
--- a/package/network/config/firewall/Makefile
+++ b/package/network/config/firewall/Makefile
@@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=firewall
-PKG_VERSION:=2015-05-26
+PKG_VERSION:=2015-07-22
PKG_RELEASE:=$(PKG_SOURCE_VERSION)
PKG_SOURCE_PROTO:=git
diff --git a/package/network/config/firewall/files/firewall.config b/package/network/config/firewall/files/firewall.config
index 1a20e39ca5..5d0e3cbc66 100644
--- a/package/network/config/firewall/files/firewall.config
+++ b/package/network/config/firewall/files/firewall.config
@@ -159,19 +159,18 @@ config include
# option proto tcp
# allow IPsec/ESP and ISAKMP passthrough
-#config rule
-# option src wan
-# option dest lan
-# option protocol esp
-# option target ACCEPT
+config rule
+ option src wan
+ option dest lan
+ option protocol esp
+ option target ACCEPT
-#config rule
-# option src wan
-# option dest lan
-# option src_port 500
-# option dest_port 500
-# option proto udp
-# option target ACCEPT
+config rule
+ option src wan
+ option dest lan
+ option dest_port 500
+ option proto udp
+ option target ACCEPT
### FULL CONFIG SECTIONS
#config rule