Changeset 13724 in hybrid for branches


Ignore:
Timestamp:
Jan 18, 2017, 1:01:31 AM (8 years ago)
Author:
rick
Message:

ruleset does not allow empty port definitions.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • branches/releng-11/nanobsd/files/etc/pf.hybrid.conf

    r13700 r13724  
    1818# Standard port allow listings for external services
    1919allow_ext_in_tcp="1022"
    20 allow_ext_in_udp=""
    2120
    2221allow_ext_out_tcp = "domain, http, https"
     
    8786# Expose some local services for the external world (WWW) network (4)
    8887pass in on $ext_if inet proto tcp from any to $ext_if port { $allow_ext_in_tcp } keep state
    89 pass in on $ext_if inet proto udp from any to $ext_if port { $allow_ext_in_udp } keep state
    9088pass in on $ext_if inet proto icmp from any to $ext_if icmp-type { echoreq }
    9189
Note: See TracChangeset for help on using the changeset viewer.