[Midnightbsd-cvs] src: rc.firewall: Add default rules for ntpd and avahi (ipv4)
laffer1 at midnightbsd.org
Wed Oct 1 17:11:18 EDT 2008
Log Message:
-----------
Add default rules for ntpd and avahi (ipv4)
Modified Files:
--------------
src/etc:
rc.firewall (r1.4 -> r1.5)
-------------- next part --------------
Index: rc.firewall
===================================================================
RCS file: /home/cvs/src/etc/rc.firewall,v
retrieving revision 1.4
retrieving revision 1.5
diff -L etc/rc.firewall -L etc/rc.firewall -u -r1.4 -r1.5
--- etc/rc.firewall
+++ etc/rc.firewall
@@ -158,6 +158,18 @@
${fwcmd} add pass tcp from any to me 22 setup
;;
esac
+ case ${ntpd_enable} in
+ [Yy][[Ee][Ss])
+ # Allow NTP queries out in the world
+ ${fwcmd} add pass udp from me to any 123 keep-state
+ ;;
+ esac
+ case ${avahi_daemon_enable} in
+ [Yy][Ee][Ss])
+ # Avahi multicast dns (XXX: this should be local subnet)
+ ${fwcmd} add pass udp from any 5353 to any 1024-65535 in
+ ;;
+ esac
${fwcmd} add 65000 deny tcp from any to any
${fwcmd} add 65100 deny icmp from any to me in icmptypes 8
${fwcmd} add 65200 allow all from any to any
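Review bot: the avahi rule `pass udp from any 5353 to any 1024-65535 in` matches on source port alone, so any remote host that sends from UDP port 5353 can reach every UDP service on ports 1024-65535, and because the destination is `any` rather than `me` it also applies to forwarded traffic. The XXX comment already notes this should be the local subnet; I would make that restriction part of this change, for example by limiting the source to the local network and the destination to the mDNS group and port (224.0.0.251, port 5353) instead of the whole high-port range. Separately, the ntpd pattern `[Yy][[Ee][Ss])` has a stray `[`; it still matches "YES" because `[[Ee]` is read as a bracket expression containing `[`, but it should read `[Yy][Ee][Ss])` like the avahi case below it.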