foo.sh/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

pf: Don't allow ospf packets on fsol gw hosts

Browse source
This commit is contained in:
Timo Makinen 2023-04-29 14:39:40 +00:00
parent fe1feb61d1
commit 142325765b
1 changed files with 0 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
roles/pf/files/pf.conf.gw_fsol
View file

@ -50,8 +50,6 @@ pass out quick on $ext_if from self to any keep state (no-sync)
pass quick on $sync_if proto pfsync keep state (no-sync) pass quick on $sync_if proto pfsync keep state (no-sync)
# fsol (router) network # fsol (router) network
pass in quick on $fsol_if proto ospf from any to any
pass out quick on $fsol_if proto ospf from self to any
pass in quick on $fsol_if inet from any to $dmz_net pass in quick on $fsol_if inet from any to $dmz_net
pass out quick on $fsol_if inet from $dmz_net to any pass out quick on $fsol_if inet from $dmz_net to any
pass out quick on $fsol_if inet from self to any pass out quick on $fsol_if inet from self to any