Module Name: src
Committed By: martin
Date: Tue Nov 19 10:58:30 UTC 2019
Modified Files:
src/share/examples/npf [netbsd-9]: host-npf.conf
Log Message:
Pull up following revision(s) (requested by sevan in ticket #445):
share/examples/npf/host-npf.conf: revision 1.11
With bin/54124 fixed, the rule needs to be explicitly set to stateful.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.10.2.1 src/share/examples/npf/host-npf.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/examples/npf/host-npf.conf
diff -u src/share/examples/npf/host-npf.conf:1.10 src/share/examples/npf/host-npf.conf:1.10.2.1
--- src/share/examples/npf/host-npf.conf:1.10 Tue Apr 16 10:52:28 2019
+++ src/share/examples/npf/host-npf.conf Tue Nov 19 10:58:30 2019
@@ -1,4 +1,4 @@
-# $NetBSD: host-npf.conf,v 1.10 2019/04/16 10:52:28 sevan Exp $
+# $NetBSD: host-npf.conf,v 1.10.2.1 2019/11/19 10:58:30 martin Exp $
#
# Simple ruleset for a host with (i.e., not routing) two interfaces,
# ethernet and wifi.
@@ -31,7 +31,7 @@ group "wired" on $wired_if {
ruleset "blacklistd"
# Allow SSH on wired interface and log all connection attempts
- pass in on $wired_if proto tcp to $wired_addrs port ssh apply "log"
+ pass stateful in on $wired_if proto tcp to $wired_addrs port ssh apply "log"
}
group "wifi" on $wifi_if {
