/[smecontribs]/rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli-0.2-drop_forward_not_to_ext_if.patch
ViewVC logotype

Contents of /rpms/smeserver-coova-chilli/contribs7/smeserver-coova-chilli-0.2-drop_forward_not_to_ext_if.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (show annotations) (download)
Wed Oct 20 17:32:50 2010 UTC (13 years, 6 months ago) by vip-ire
Branch: MAIN
CVS Tags: smeserver-coova-chilli-0_2-20_el4_sme, smeserver-coova-chilli-0_2-19_el4_sme, HEAD 
* Wed Oct 20 2010 Daniel B. <daniel@firewall-services.com> 0.2-19
- Drop all the trafic not going through the external interface
1 --- smeserver-coova-chilli-0.2/root/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli40forwardFrom.drop_forward_not_to_ext_if 2010-10-20 19:30:12.000000000 +0200
2 +++ smeserver-coova-chilli-0.2/root/etc/e-smith/templates/etc/rc.d/init.d/masq/00Functions01Chilli40forwardFrom 2010-10-20 19:30:50.000000000 +0200
3 @@ -7,6 +7,7 @@
4 /sbin/iptables -N FORWARD_FROM_CHILLI
5 /sbin/iptables -A FORWARD_FROM_CHILLI -j state_chk
6 /sbin/iptables -A FORWARD_FROM_CHILLI -s ! $net -j denylog
7 + /sbin/iptables -A FORWARD_FROM_CHILLI -o ! \$OUTERIF -j denylog
8 /sbin/iptables -A FORWARD_FROM_CHILLI -p icmp --icmp-type echo-request -j ACCEPT
9 # Allow http for un-authenticated clients so uamallowed works
10 # Https need to be allowed in AllowedOutgoing
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed