diff options
| author | Rebecca Cran <brucec@FreeBSD.org> | 2011-02-19 14:57:00 +0000 |
|---|---|---|
| committer | Rebecca Cran <brucec@FreeBSD.org> | 2011-02-19 14:57:00 +0000 |
| commit | 9c73eae9c42570b7c44a34f79a5387d15de65f45 (patch) | |
| tree | 013be9e2f97c285fc86185548fcc7ace7fecab33 /share | |
| parent | c67f41d01dd9fca603d1887a55931804888dca5b (diff) | |
| download | src-9c73eae9c42570b7c44a34f79a5387d15de65f45.tar.gz src-9c73eae9c42570b7c44a34f79a5387d15de65f45.zip | |
Update the icmp example to show allowing only the safe types.
Suggested by: Tom Judge <tom at tomjudge.com>
MFC after: 3 days
Notes
Notes:
svn path=/head/; revision=218854
Diffstat (limited to 'share')
| -rw-r--r-- | share/examples/pf/pf.conf | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/share/examples/pf/pf.conf b/share/examples/pf/pf.conf index ad494c7ed782..299999df8041 100644 --- a/share/examples/pf/pf.conf +++ b/share/examples/pf/pf.conf @@ -32,4 +32,4 @@ #pass in on $ext_if proto tcp to ($ext_if) port ssh #pass in log on $ext_if proto tcp to ($ext_if) port smtp #pass out log on $ext_if proto tcp from ($ext_if) to port smtp -#pass in on $ext_if proto icmp to ($ext_if) +#pass in on $ext_if inet proto icmp from any to ($ext_if) icmp-type { unreach, redir, timex } |