diff options
| author | Steven Barth <steven@midlink.org> | 2015-07-24 10:00:45 +0000 |
|---|---|---|
| committer | Steven Barth <steven@midlink.org> | 2015-07-24 10:00:45 +0000 |
| commit | 8a466404104e6180c4fb521d6f2a19392644e9a1 (patch) | |
| tree | 77eadc220e22edc4c86eec01aa960580a2ed9561 /package/network/config/firewall/files | |
| parent | e379071788f8be5b2ac9ca1b4399753899bd018f (diff) | |
| download | master-187ad058-8a466404104e6180c4fb521d6f2a19392644e9a1.tar.gz master-187ad058-8a466404104e6180c4fb521d6f2a19392644e9a1.tar.bz2 master-187ad058-8a466404104e6180c4fb521d6f2a19392644e9a1.zip | |
firewall: comply with REC-22, REC-24 of RFC 6092
Signed-off-by: Steven Barth <steven@midlink.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@46478 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/network/config/firewall/files')
| -rw-r--r-- | package/network/config/firewall/files/firewall.config | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/package/network/config/firewall/files/firewall.config b/package/network/config/firewall/files/firewall.config index 1a20e39ca5..5d0e3cbc66 100644 --- a/package/network/config/firewall/files/firewall.config +++ b/package/network/config/firewall/files/firewall.config @@ -159,19 +159,18 @@ config include # option proto tcp # allow IPsec/ESP and ISAKMP passthrough -#config rule -# option src wan -# option dest lan -# option protocol esp -# option target ACCEPT +config rule + option src wan + option dest lan + option protocol esp + option target ACCEPT -#config rule -# option src wan -# option dest lan -# option src_port 500 -# option dest_port 500 -# option proto udp -# option target ACCEPT +config rule + option src wan + option dest lan + option dest_port 500 + option proto udp + option target ACCEPT ### FULL CONFIG SECTIONS #config rule |