summaryrefslogtreecommitdiffstats
path: root/package/firewall/files
diff options
context:
space:
mode:
Diffstat (limited to 'package/firewall/files')
-rw-r--r--package/firewall/files/firewall.config26
1 files changed, 13 insertions, 13 deletions
diff --git a/package/firewall/files/firewall.config b/package/firewall/files/firewall.config
index 632292265..4f2dc4821 100644
--- a/package/firewall/files/firewall.config
+++ b/package/firewall/files/firewall.config
@@ -1,7 +1,7 @@
config defaults
option syn_flood 1
option input ACCEPT
- option output ACCEPT
+ option output ACCEPT
option forward REJECT
# Uncomment this line to disable ipv6 rules
# option disable_ipv6 1
@@ -9,22 +9,22 @@ config defaults
config zone
option name lan
option network 'lan'
- option input ACCEPT
- option output ACCEPT
+ option input ACCEPT
+ option output ACCEPT
option forward REJECT
config zone
option name wan
option network 'wan'
option input REJECT
- option output ACCEPT
+ option output ACCEPT
option forward REJECT
- option masq 1
+ option masq 1
option mtu_fix 1
-config forwarding
- option src lan
- option dest wan
+config forwarding
+ option src lan
+ option dest wan
# We need to accept udp packets on port 68,
# see https://dev.openwrt.org/ticket/4108
@@ -77,7 +77,7 @@ config rule
option target ACCEPT
# Allow essential forwarded IPv6 ICMP traffic
-config rule
+config rule
option name Allow-ICMPv6-Forward
option src wan
option dest *
@@ -105,13 +105,13 @@ config include
# option src_ip 192.168.45.2
# option dest wan
# option proto tcp
-# option target REJECT
+# option target REJECT
# block a specific mac on wan
#config rule
# option dest wan
# option src_mac 00:11:22:33:44:66
-# option target REJECT
+# option target REJECT
# block incoming ICMP traffic on a zone
#config rule
@@ -125,7 +125,7 @@ config include
# option src_dport 80
# option dest lan
# option dest_ip 192.168.16.235
-# option dest_port 80
+# option dest_port 80
# option proto tcp
# port redirect of remapped ssh port (22001) on wan
@@ -161,7 +161,7 @@ config include
# option dest_ip 194.25.2.129
# option dest_port 120
# option proto tcp
-# option target REJECT
+# option target REJECT
#config redirect
# option src lan