diff options
author | Ermal Luçi <eri@pfsense.org> | 2008-11-28 22:31:32 +0000 |
---|---|---|
committer | Ermal Luçi <eri@pfsense.org> | 2008-11-28 22:31:32 +0000 |
commit | e1b00687ef256cfc29e7e1a2f02d8251ae6753df (patch) | |
tree | 8109e4d3e6230b393c37f1105444d8c34c2a0d1e /etc/inc | |
parent | a87c88106ab366f046baf0f459c445a055eea5f9 (diff) | |
download | pfsense-e1b00687ef256cfc29e7e1a2f02d8251ae6753df.zip pfsense-e1b00687ef256cfc29e7e1a2f02d8251ae6753df.tar.gz |
Add the quick option for the ftp-proxy rules until a better way of doing this comes up.
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/filter.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 58234bf..612cb63 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2050,7 +2050,7 @@ EOD; $ipfrules .= "\nanchor \"ftp-proxy/*\"\n"; if(!isset($config['system']['disableftpproxy'])) { $ipfrules .= "\n# enable ftp-proxy\n"; - $ipfrules .= "pass in inet proto tcp tagged PFFTPPROXY flags S/SA keep state label \"FTP PROXY: Allow traffic to localhost\"\n"; + $ipfrules .= "pass in quick inet proto tcp tagged PFFTPPROXY flags S/SA keep state label \"FTP PROXY: Allow traffic to localhost\"\n"; if (isset($config['system']['rfc959workaround'])) { $ipfrules .= <<<EODEOD @@ -2063,7 +2063,7 @@ EODEOD; foreach ($FilterIflist as $ftpif => $ftpifcfg) { if ($ftpifcfg['ftpproxy'] == true) $ipfrules .= <<<EOD -pass in on {$ftpifcfg['if']} inet proto tcp from port 20 to ({$ftpifcfg['if']}) port > 49000 flags S/SA keep state label "FTP PROXY: PASV mode data connection" +pass in quick on {$ftpifcfg['if']} inet proto tcp from port 20 to ({$ftpifcfg['if']}) port > 49000 flags S/SA keep state label "FTP PROXY: PASV mode data connection" EOD; } |