firewall changes: - implement a REJECT policy and enable it by default, reject packets with approriate response (closes: #3970) - cleanup syn_flood and remove logging

SVN-Revision: 12688
author: Nicolas Thill <nico@openwrt.org> 2008-09-24 15:10:16 +0000
committer: Nicolas Thill <nico@openwrt.org> 2008-09-24 15:10:16 +0000
commit: d7810ed63e079a8a6852cf24fd564c44509312de (patch)
tree: f38902bc56c065085e4c24b9419d89e241c5f555 /package/firewall/files/firewall.config
parent: 73bbafd32a6b611dae4657e2fd821435f58657b5 (diff)
download: upstream-d7810ed63e079a8a6852cf24fd564c44509312de.tar.gz
upstream-d7810ed63e079a8a6852cf24fd564c44509312de.tar.bz2
upstream-d7810ed63e079a8a6852cf24fd564c44509312de.zip
1 files changed, 5 insertions, 5 deletions
diff --git a/package/firewall/files/firewall.config b/package/firewall/files/firewall.config
index fe5d38d2b9..8ac9049553 100755
--- a/package/firewall/files/firewall.config
+++ b/package/firewall/files/firewall.config
@@ -1,20 +1,20 @@
 config defaults
 	option syn_flood	1
-	option input		DROP 
+	option input		REJECT
 	option output		ACCEPT 
-	option forward		DROP 
+	option forward		REJECT
 
 config zone
 	option name		lan
 	option input	ACCEPT 
 	option output	ACCEPT 
-	option forward	DROP 
+	option forward	REJECT
 
 config zone
 	option name		wan
-	option input	DROP 
+	option input	REJECT
 	option output	ACCEPT 
-	option forward	DROP 
+	option forward	REJECT
 	option masq		1 
 
 config forwarding
author	Nicolas Thill <nico@openwrt.org>	2008-09-24 15:10:16 +0000
committer	Nicolas Thill <nico@openwrt.org>	2008-09-24 15:10:16 +0000
commit	d7810ed63e079a8a6852cf24fd564c44509312de (patch)
tree	f38902bc56c065085e4c24b9419d89e241c5f555 /package/firewall/files/firewall.config
parent	73bbafd32a6b611dae4657e2fd821435f58657b5 (diff)
download	upstream-d7810ed63e079a8a6852cf24fd564c44509312de.tar.gz upstream-d7810ed63e079a8a6852cf24fd564c44509312de.tar.bz2 upstream-d7810ed63e079a8a6852cf24fd564c44509312de.zip