From e1b00687ef256cfc29e7e1a2f02d8251ae6753df Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ermal=20Lu=C3=A7i?= <eri@pfsense.org>
Date: Fri, 28 Nov 2008 22:31:32 +0000
Subject: Add the quick option for the ftp-proxy rules until a better way of
 doing this comes up.

---
 etc/inc/filter.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'etc')

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 58234bf..612cb63 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -2050,7 +2050,7 @@ EOD;
 	$ipfrules .= "\nanchor \"ftp-proxy/*\"\n";
 	if(!isset($config['system']['disableftpproxy'])) {
 		$ipfrules .= "\n# enable ftp-proxy\n";
-		$ipfrules .= "pass in inet proto tcp tagged PFFTPPROXY flags S/SA keep state label \"FTP PROXY: Allow traffic to localhost\"\n";
+		$ipfrules .= "pass in quick inet proto tcp tagged PFFTPPROXY flags S/SA keep state label \"FTP PROXY: Allow traffic to localhost\"\n";
 
 		if (isset($config['system']['rfc959workaround'])) {
 			$ipfrules .= <<<EODEOD
@@ -2063,7 +2063,7 @@ EODEOD;
 			foreach ($FilterIflist as $ftpif => $ftpifcfg) {
 				if ($ftpifcfg['ftpproxy'] == true)
 					$ipfrules .= <<<EOD
-pass in on {$ftpifcfg['if']} inet proto tcp from port 20 to ({$ftpifcfg['if']}) port > 49000 flags S/SA keep state label "FTP PROXY: PASV mode data connection"
+pass in quick on {$ftpifcfg['if']} inet proto tcp from port 20 to ({$ftpifcfg['if']}) port > 49000 flags S/SA keep state label "FTP PROXY: PASV mode data connection"
 
 EOD;
 			}
-- 
cgit v1.1