extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-10 23:58:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Reverse the order of Broadcast and ICMP checking in the default actions

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2016-04-11 10:47:11 -07:00
parent 9758e8cdc5
commit 76a5841fcd
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Shorewall/action.Drop
View File

@ -51,14 +51,14 @@ COUNT
Auth(@2)
?endif
#
# Don't log broadcasts
#
Broadcast(DROP,@1)
#
# ACCEPT critical ICMP types
#
AllowICMPs(@4) - - icmp
#
# Don't log broadcasts
#
Broadcast(DROP,@1)
#
# Drop packets that are in the INVALID state -- these are usually ICMP packets
# and just confuse people when they appear in the log.
#

8
Shorewall/action.Reject
View File

@ -50,15 +50,15 @@ COUNT
Auth(@2)
?endif
#
# ACCEPT critical ICMP types
#
AllowICMPs(@4) - - icmp
#
# Drop Broadcasts so they don't clutter up the log
# (broadcasts must *not* be rejected).
#
Broadcast(DROP,@1)
#
# ACCEPT critical ICMP types
#
AllowICMPs(@4) - - icmp
#
# Drop packets that are in the INVALID state -- these are usually ICMP packets
# and just confuse people when they appear in the log (these ICMPs cannot be
# rejected).