]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commitdiff
projects / people / pmueller / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c1ba35e)
configroot: Enable logging of spoofed packets/martians by default
authorPeter Müller <peter.mueller@ipfire.org>
Sat, 18 Dec 2021 13:50:13 +0000 (14:50 +0100)
committerPeter Müller <peter.mueller@ipfire.org>
Fri, 14 Jan 2022 14:17:08 +0000 (14:17 +0000)
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
lfs/configroot patch | blob | blame | history

diff --git a/lfs/configroot b/lfs/configroot
index 60dc55bfd2f6afadd5140ccb22c8c85818f1c169..a56816143339024c4a8ad24cfecf6fe517aa0b63 100644 (file)
--- a/lfs/configroot
+++ b/lfs/configroot
@@ -114,7 +114,7 @@ $(TARGET) :
        echo  "ENABLED=off"             > $(CONFIG_ROOT)/vpn/settings
        echo  "01"                      > $(CONFIG_ROOT)/certs/serial
        echo  "nameserver    1.2.3.4"   > $(CONFIG_ROOT)/ppp/fake-resolv.conf
-       echo  "DROPNEWNOTSYN=on"                >> $(CONFIG_ROOT)/optionsfw/settings
+       echo  "DROPNEWNOTSYN=on"        >> $(CONFIG_ROOT)/optionsfw/settings
        echo  "DROPINPUT=on"            >> $(CONFIG_ROOT)/optionsfw/settings
        echo  "DROPFORWARD=on"          >> $(CONFIG_ROOT)/optionsfw/settings
        echo  "FWPOLICY=DROP"           >> $(CONFIG_ROOT)/optionsfw/settings
@@ -130,6 +130,7 @@ $(TARGET) :
        echo  "SHOWDROPDOWN=off"        >> $(CONFIG_ROOT)/optionsfw/settings
        echo  "DROPWIRELESSINPUT=on"    >> $(CONFIG_ROOT)/optionsfw/settings
        echo  "DROPWIRELESSFORWARD=on"  >> $(CONFIG_ROOT)/optionsfw/settings
+       echo  "DROPSPOOFEDMARTIAN=on"   >> $(CONFIG_ROOT)/optionsfw/settings
        echo  "POLICY=MODE2"            >> $(CONFIG_ROOT)/firewall/settings
        echo  "POLICY1=MODE2"           >> $(CONFIG_ROOT)/firewall/settings
        echo  "USE_ISP_NAMESERVERS=on"  >> $(CONFIG_ROOT)/dns/settings
Peter's tree of IPFire 2.x