Module Name: src
Committed By: sevan
Date: Sat Sep 21 11:46:25 UTC 2019
Modified Files:
src/share/examples/npf: host-npf.conf
Log Message:
With bin/54124 fixed, the rule needs to be explicitly set to stateful.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/share/examples/npf/host-npf.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/npf/host-npf.conf
diff -u src/share/examples/npf/host-npf.conf:1.10 src/share/examples/npf/host-npf.conf:1.11
--- src/share/examples/npf/host-npf.conf:1.10 Tue Apr 16 10:52:28 2019
+++ src/share/examples/npf/host-npf.conf Sat Sep 21 11:46:25 2019
@@ -1,4 +1,4 @@
-# $NetBSD: host-npf.conf,v 1.10 2019/04/16 10:52:28 sevan Exp $
+# $NetBSD: host-npf.conf,v 1.11 2019/09/21 11:46:25 sevan Exp $
#
# Simple ruleset for a host with (i.e., not routing) two interfaces,
# ethernet and wifi.
@@ -31,7 +31,7 @@ group "wired" on $wired_if {
ruleset "blacklistd"
# Allow SSH on wired interface and log all connection attempts
- pass in on $wired_if proto tcp to $wired_addrs port ssh apply "log"
+ pass stateful in on $wired_if proto tcp to $wired_addrs port ssh apply "log"
}
group "wifi" on $wifi_if {
