diff options
author | Ermal <eri@pfsense.org> | 2011-08-30 16:18:29 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2011-08-30 16:18:29 +0000 |
commit | cde671805cccb380e60acb35374a23d3a7f48a99 (patch) | |
tree | 9216ff16437d74549d011085e0e5496f39a3cdd6 /etc | |
parent | fcf07bb76fb58556bee76f4e3898ee769b2785d5 (diff) | |
download | pfsense-cde671805cccb380e60acb35374a23d3a7f48a99.zip pfsense-cde671805cccb380e60acb35374a23d3a7f48a99.tar.gz |
Make the webConfigurator lockout rule to catch even edp protocol so that xmlrpc bruteforce is caught as well.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 18e5067..3e1a40b 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2129,7 +2129,7 @@ EOD; $webConfiguratorlockoutport = $config['system']['webgui']['port']; } if($webConfiguratorlockoutport) - $ipfrules .= "block in log quick proto tcp from <webConfiguratorlockout> to any port {$webConfiguratorlockoutport} label \"webConfiguratorlockout\"\n"; + $ipfrules .= "block in log quick proto { tcp udp } from <webConfiguratorlockout> to any port {$webConfiguratorlockoutport} label \"webConfiguratorlockout\"\n"; /* * Support for allow limiting of TCP connections by establishment rate |