Changeset 10201 in hybrid for branches/releng-9.0/nanobsd/files


Ignore:
Timestamp:
Mar 17, 2012, 1:19:08 PM (13 years ago)
Author:
richardvm
Message:

blocking port 443

Location:
branches/releng-9.0/nanobsd/files
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • TabularUnified branches/releng-9.0/nanobsd/files/etc/ipfw.sh

    r10199 r10201  
    6666for INF in $captive_portal_interfaces; do
    6767  ${fwcmd} add 10100 fwd 172.31.255.1,8081 tcp from any to not 172.16.0.0/12 80 in via ${INF}
     68  ${fwcmd} add 11000 deny ip from any to any in via ${INF}
    6869done
  • TabularUnified branches/releng-9.0/nanobsd/files/usr/local/www/wlportal/index.cgi

    r10200 r10201  
    181181    self.ip_in_firewall = {}
    182182    if sp.returncode == 0:
    183       # 10010   32   1920 allow tcp from 172.20.145.30 to not 172.16.0.0/12 dst-port 80
     183      # 10010   32   1920 allow tcp from 172.20.145.30 to not 172.16.0.0/12 dst-port 80,443
    184184      for line in output.strip().split('\n'):
    185185        t = line.split()
     
    227227    self.load()
    228228    if not self.ip_in_firewall.has_key(ipaddr):
    229       rule = "NUMBER allow tcp from IPADDR to not 172.16.0.0/12 dst-port 80".split()
     229      rule = "NUMBER allow tcp from IPADDR to not 172.16.0.0/12 dst-port 80,443".split()
    230230      rule[0] = str(self.available_rule)
    231231      rule[4] = str(ipaddr)
Note: See TracChangeset for help on using the changeset viewer.