diff options
author | Ermal <eri@pfsense.org> | 2011-08-30 16:19:00 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2011-08-30 16:19:00 +0000 |
commit | 8a4f3015e44007dad22a6e1821f678293cf703a4 (patch) | |
tree | a35ae68c24df6f805c9beaadd76f44b27de55937 | |
parent | b09434095436ee136ada358041aafc0552f75672 (diff) | |
download | pfsense-8a4f3015e44007dad22a6e1821f678293cf703a4.zip pfsense-8a4f3015e44007dad22a6e1821f678293cf703a4.tar.gz |
Make the webConfigurator lockout rule to catch even edp protocol so that xmlrpc bruteforce is caught as well.
-rw-r--r-- | etc/inc/filter.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 8d1aede..1f545d0 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2278,7 +2278,7 @@ EOD; $webConfiguratorlockoutport = $config['system']['webgui']['port']; } if($webConfiguratorlockoutport) - $ipfrules .= "block in log quick proto tcp from <webConfiguratorlockout> to any port {$webConfiguratorlockoutport} label \"webConfiguratorlockout\"\n"; + $ipfrules .= "block in log quick proto { tcp udp } from <webConfiguratorlockout> to any port {$webConfiguratorlockoutport} label \"webConfiguratorlockout\"\n"; /* * Support for allow limiting of TCP connections by establishment rate |