diff options
| author | obrien <obrien@FreeBSD.org> | 2001-03-05 20:51:40 +0000 |
|---|---|---|
| committer | obrien <obrien@FreeBSD.org> | 2001-03-05 20:51:40 +0000 |
| commit | 724856f88e1ffb72fefd7587d42aef40e12a9c69 (patch) | |
| tree | 2753b47856e2df2e7cfbf8ff1e4d96421896da70 | |
| parent | cd006e6a5c321fb303d77f74ce0ee3c15ac868cd (diff) | |
| download | FreeBSD-src-724856f88e1ffb72fefd7587d42aef40e12a9c69.zip FreeBSD-src-724856f88e1ffb72fefd7587d42aef40e12a9c69.tar.gz | |
Also deny 127.0.0.0/8 going out.
Submitted by: grimes
| -rw-r--r-- | etc/rc.firewall | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/etc/rc.firewall b/etc/rc.firewall index 1755985..3001f58 100644 --- a/etc/rc.firewall +++ b/etc/rc.firewall @@ -128,8 +128,9 @@ esac # ${fwcmd} add 100 pass all from any to any via lo0 ${fwcmd} add 200 deny all from any to 127.0.0.0/8 +${fwcmd} add 300 deny ip from 127.0.0.0/8 to any # If you're using 'options BRIDGE', uncomment the following line to pass ARP -#${fwcmd} add 300 pass udp from 0.0.0.0 2054 to 0.0.0.0 +#${fwcmd} add 400 pass udp from 0.0.0.0 2054 to 0.0.0.0 # Prototype setups. |
