firewall changes:

- implement a REJECT policy and enable it by default, reject packets with approriate response (closes: #3970) - cleanup syn_flood and remove logging git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12688 3c298f89-4303-0410-b956-a3cf2f4a3e73
author: nico <nico@3c298f89-4303-0410-b956-a3cf2f4a3e73> 2008-09-24 15:10:16 +0000
committer: nico <nico@3c298f89-4303-0410-b956-a3cf2f4a3e73> 2008-09-24 15:10:16 +0000
commit: 1fa1f8e7d8a80c2fc893dd7c104a4977a30d3004 (patch)
tree: 0b83a91c7f2413667c7238fa94624316b2c779d6 /package/firewall/files/firewall.config
parent: ac9e683f8ac61059469b09ef4981f4a9ddf66b92 (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/package/firewall/files/firewall.config b/package/firewall/files/firewall.config
index fe5d38d2b..8ac904955 100755
--- a/package/firewall/files/firewall.config
+++ b/package/firewall/files/firewall.config
@@ -1,20 +1,20 @@
 config defaults
 	option syn_flood	1
-	option input		DROP 
+	option input		REJECT
 	option output		ACCEPT 
-	option forward		DROP 
+	option forward		REJECT
 
 config zone
 	option name		lan
 	option input	ACCEPT 
 	option output	ACCEPT 
-	option forward	DROP 
+	option forward	REJECT
 
 config zone
 	option name		wan
-	option input	DROP 
+	option input	REJECT
 	option output	ACCEPT 
-	option forward	DROP 
+	option forward	REJECT
 	option masq		1 
 
 config forwarding
author	nico <nico@3c298f89-4303-0410-b956-a3cf2f4a3e73>	2008-09-24 15:10:16 +0000
committer	nico <nico@3c298f89-4303-0410-b956-a3cf2f4a3e73>	2008-09-24 15:10:16 +0000
commit	1fa1f8e7d8a80c2fc893dd7c104a4977a30d3004 (patch)
tree	0b83a91c7f2413667c7238fa94624316b2c779d6 /package/firewall/files/firewall.config
parent	ac9e683f8ac61059469b09ef4981f4a9ddf66b92 (diff)