diff options
author | Chris Buechler <cmb@pfsense.org> | 2008-11-30 03:49:33 +0000 |
---|---|---|
committer | Chris Buechler <cmb@pfsense.org> | 2008-11-30 03:49:33 +0000 |
commit | 7c7fc6a269bccbf231637e66e03f104faf775310 (patch) | |
tree | 7811b50c4f68f65ff4837443ed915c94f126840c | |
parent | e5a4a0a5ef8b4b4bd9248ac3a59c28b92947092a (diff) | |
download | pfsense-7c7fc6a269bccbf231637e66e03f104faf775310.zip pfsense-7c7fc6a269bccbf231637e66e03f104faf775310.tar.gz |
return works fine with any firewall rule. it doesn't return anything for protos other than TCP, UDP, or TCP/UDP, but is valid in all rules. never exclude it.
-rw-r--r-- | etc/inc/filter.inc | 10 |
1 files changed, 1 insertions, 9 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 7afa6bb..c3b711f 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1479,15 +1479,7 @@ function generate_user_filter_rule($rule, $ngcounter) { if ($type == "reject") { /* special reject packet */ - if ($rule['protocol'] == "tcp") { - $aline['type'] = "block return-rst"; - } else if ($rule['protocol'] == "udp") { - $aline['type'] = "block return-icmp"; - } else if ($rule['protocol'] == "tcp/udp") { - $aline['type'] = "block return"; - } else { - $aline['type'] = "block"; - } + $aline['type'] = "block return"; } else { $aline['type'] = $type; } |