diff options
author | Bill Marquette <billm@pfsense.org> | 2005-03-04 16:51:49 +0000 |
---|---|---|
committer | Bill Marquette <billm@pfsense.org> | 2005-03-04 16:51:49 +0000 |
commit | 36fcb5d4828a908c61003500fe8d92bedfffec08 (patch) | |
tree | f6dbf5183c16bd4f49bff658008981f3c23d1b76 /etc | |
parent | 355229d0f3125699c6acd0c994da754af893ddfe (diff) | |
download | pfsense-36fcb5d4828a908c61003500fe8d92bedfffec08.zip pfsense-36fcb5d4828a908c61003500fe8d92bedfffec08.tar.gz |
move ssh lockout outside of the foreach user rule loop so we only have one instance of the rule
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index b8d0fdc..986d9fb 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -1571,11 +1571,13 @@ EOD; $ipfrules .= $line; } - $ipfrules .= "block in log quick proto tcp from <sshlockout> to any port 22 label \"sshlockout\"\n\n"; $i++; } + $ipfrules .= "\n# SSH lockout\n" + $ipfrules .= "block in log quick proto tcp from <sshlockout> to any port 22 label \"sshlockout\"\n\n"; + $ipfrules .= "\n# VPN Rules\n"; $lan_ip = $config['interfaces']['lan']['ipaddr']; $lan_subnet = $config['interfaces']['lan']['subnet']; |