]> git.ipfire.org Git - ipfire-2.x.git/commit
projects / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c9e01c8) | patch
outgoingfw: mode=1: Change policy ACCEPT -> RETURN.
authorMichael Tremer <michael.tremer@ipfire.org>
Tue, 7 Aug 2012 14:37:29 +0000 (16:37 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Tue, 7 Aug 2012 14:45:22 +0000 (16:45 +0200)
commit78a14abf81e61ea4fc62d313dfd6779cda9421ae
tree870fde8807529512ab9c636b714b12a7055eb146tree | snapshot
parentc9e01c8cb87ff79a6fbb3a98e552757072c251efcommit | diff
outgoingfw: mode=1: Change policy ACCEPT -> RETURN.

Because of the early acceptance of packets, that pass the outgoing
firewall, it was possible to circumvent the MAC address filter on
blue.
The RETURN target forces the packets to go on. Other packets,
that do not pass the outgoing firewall will be dropped immediately.
config/outgoingfw/outgoingfw.pl diff | blob | blame | history
config/rootfiles/core/62/filelists/files diff | blob | blame | history
IPFire 2.x development tree