diff options
author | Ermal Luçi <eri@pfsense.org> | 2009-11-11 18:31:32 +0000 |
---|---|---|
committer | Ermal Luçi <eri@pfsense.org> | 2009-11-11 18:31:32 +0000 |
commit | 0bcff7b2a69aaa89853944d1ff1b27e1686be88d (patch) | |
tree | 983a6ca067d0b4ca4d46a40b936bac09676acf17 /etc | |
parent | 6ec23212f506545768f7838062d461af32596984 (diff) | |
download | pfsense-0bcff7b2a69aaa89853944d1ff1b27e1686be88d.zip pfsense-0bcff7b2a69aaa89853944d1ff1b27e1686be88d.tar.gz |
Allow udp only from/to our local dns server. If wanted pass through can be added.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/captiveportal.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 8e903c7..e99d66c 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -385,9 +385,9 @@ EOD; $cprules .= "add {$rulenum} set 1 pass icmp from any to {$cpip} in icmptype 0 \n"; $rulenum++; //# allow access to our DNS forwarder - $cprules .= "add {$rulenum} set 1 pass udp from any to any 53 in \n"; + $cprules .= "add {$rulenum} set 1 pass udp from {$cpip} to any 53 in \n"; $rulenum++; - $cprules .= "add {$rulenum} set 1 pass udp from any 53 to any out \n"; + $cprules .= "add {$rulenum} set 1 pass udp from {$cpip} 53 to any out \n"; $rulenum++; # allow access to our web server $cprules .= "add {$rulenum} set 1 pass tcp from any to {$cpip} 8000 in \n"; |