diff options
| author |   dm <dm@openbsd.org> | 1996-10-01 16:48:24 +0000 |
|---|---|---|
| committer | dm <dm@openbsd.org> | 1996-10-01 16:48:24 +0000 |
| commit | c9101b49f3d4f27e42d938f13d411bdd298a87d6 (patch) | |
| tree | d2e26c188024580ca44403cfee8db3a16815a75c | |
| parent | Make it compilable even if NUMBOOT=1 (vax). -moj (diff) | |
| download | wireguard-openbsd-c9101b49f3d4f27e42d938f13d411bdd298a87d6.tar.xz wireguard-openbsd-c9101b49f3d4f27e42d938f13d411bdd298a87d6.zip | |
return-rst on incoming auth connections (should speed things up)
| -rw-r--r-- | share/ipf/firewall.2 | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/share/ipf/firewall.2 b/share/ipf/firewall.2 index db26e7d7667..9a73215748b 100644 --- a/share/ipf/firewall.2 +++ b/share/ipf/firewall.2 @@ -43,7 +43,7 @@ pass in on ppp0 proto udp from any to any port = ntalk # forever timing out. Don't log ident (auth port) as it's so common. # block return-rst in log on ppp0 proto tcp from any to any flags S/SA -block in on ppp0 proto tcp from any to any port = auth flags S/SA +block return-rst in on ppp0 proto tcp from any to any port = auth flags S/SA # # Allow incoming TCP connections to ports between 1024 and 5000, as # these don't have daemons listening but are used by outgoing |