summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordm <dm@cvs.openbsd.org>1996-10-01 16:48:25 +0000
committerdm <dm@cvs.openbsd.org>1996-10-01 16:48:25 +0000
commit0dd1fed7ed1be98967438cd60621f742ae5322b3 (patch)
tree6a44101add4e50ce37fce586297ca1d38108d273
parentb05189199bdedd4f50bb6a4f0791bf59b3cb84e1 (diff)
return-rst on incoming auth connections (should speed things up)
-rw-r--r--share/ipf/firewall.22
1 files changed, 1 insertions, 1 deletions
diff --git a/share/ipf/firewall.2 b/share/ipf/firewall.2
index db26e7d7667..9a73215748b 100644
--- a/share/ipf/firewall.2
+++ b/share/ipf/firewall.2
@@ -43,7 +43,7 @@ pass in on ppp0 proto udp from any to any port = ntalk
# forever timing out. Don't log ident (auth port) as it's so common.
#
block return-rst in log on ppp0 proto tcp from any to any flags S/SA
-block in on ppp0 proto tcp from any to any port = auth flags S/SA
+block return-rst in on ppp0 proto tcp from any to any port = auth flags S/SA
#
# Allow incoming TCP connections to ports between 1024 and 5000, as
# these don't have daemons listening but are used by outgoing