Signed-off-by: Tom Weber <p...@junkyard.4t2.com> --- src/PVE/Firewall.pm | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm index c7ddd10..f009e58 100644 --- a/src/PVE/Firewall.pm +++ b/src/PVE/Firewall.pm @@ -586,10 +586,10 @@ $pve_std_chains_conf->{4} = { # Drop packets with INVALID state { action => 'DROP', match => '-m conntrack --ctstate INVALID', }, # Drop Microsoft SMB noise - { action => 'DROP', proto => 'udp', dport => '135,445', nbdport => 2 }, - { action => 'DROP', proto => 'udp', dport => '137:139'}, + { action => 'DROP', proto => 'udp', dport => '135,445' }, + { action => 'DROP', proto => 'udp', dport => '137:139' }, { action => 'DROP', proto => 'udp', dport => '1024:65535', sport => 137 }, - { action => 'DROP', proto => 'tcp', dport => '135,139,445', nbdport => 3 }, + { action => 'DROP', proto => 'tcp', dport => '135,139,445' }, { action => 'DROP', proto => 'udp', dport => 1900 }, # UPnP # Drop new/NotSyn traffic so that it doesn't get logged { action => 'DROP', match => '-p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN' }, @@ -609,10 +609,10 @@ $pve_std_chains_conf->{4} = { # Drop packets with INVALID state { action => 'DROP', match => '-m conntrack --ctstate INVALID', }, # Drop Microsoft SMB noise - { action => 'PVEFW-reject', proto => 'udp', dport => '135,445', nbdport => 2 }, + { action => 'PVEFW-reject', proto => 'udp', dport => '135,445' }, { action => 'PVEFW-reject', proto => 'udp', dport => '137:139'}, { action => 'PVEFW-reject', proto => 'udp', dport => '1024:65535', sport => 137 }, - { action => 'PVEFW-reject', proto => 'tcp', dport => '135,139,445', nbdport => 3 }, + { action => 'PVEFW-reject', proto => 'tcp', dport => '135,139,445' }, { action => 'DROP', proto => 'udp', dport => 1900 }, # UPnP # Drop new/NotSyn traffic so that it doesn't get logged { action => 'DROP', match => '-p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN' }, @@ -682,10 +682,10 @@ $pve_std_chains_conf->{6} = { # Drop packets with INVALID state { action => 'DROP', match => '-m conntrack --ctstate INVALID', }, # Drop Microsoft SMB noise - { action => 'DROP', proto => 'udp', dport => '135,445', nbdport => 2 }, + { action => 'DROP', proto => 'udp', dport => '135,445' }, { action => 'DROP', proto => 'udp', dport => '137:139'}, { action => 'DROP', proto => 'udp', dport => '1024:65535', sport => 137 }, - { action => 'DROP', proto => 'tcp', dport => '135,139,445', nbdport => 3 }, + { action => 'DROP', proto => 'tcp', dport => '135,139,445' }, { action => 'DROP', proto => 'udp', dport => 1900 }, # UPnP # Drop new/NotSyn traffic so that it doesn't get logged { action => 'DROP', match => '-p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN' }, @@ -706,10 +706,10 @@ $pve_std_chains_conf->{6} = { # Drop packets with INVALID state { action => 'DROP', match => '-m conntrack --ctstate INVALID', }, # Drop Microsoft SMB noise - { action => 'PVEFW-reject', proto => 'udp', dport => '135,445', nbdport => 2 }, - { action => 'PVEFW-reject', proto => 'udp', dport => '137:139'}, + { action => 'PVEFW-reject', proto => 'udp', dport => '135,445' }, + { action => 'PVEFW-reject', proto => 'udp', dport => '137:139' }, { action => 'PVEFW-reject', proto => 'udp', dport => '1024:65535', sport => 137 }, - { action => 'PVEFW-reject', proto => 'tcp', dport => '135,139,445', nbdport => 3 }, + { action => 'PVEFW-reject', proto => 'tcp', dport => '135,139,445' }, { action => 'DROP', proto => 'udp', dport => 1900 }, # UPnP # Drop new/NotSyn traffic so that it doesn't get logged { action => 'DROP', match => '-p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN' }, -- 2.7.4 _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel