firewall: comply with REC-22, REC-24 of RFC 6092

Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 46478
2015-07-24 10:00:45 +00:00 · 2015-07-24 10:00:45 +00:00 · f6abd042c2
commit f6abd042c2
parent 1b6a6abf04
2 changed files with 12 additions and 13 deletions
--- a/package/network/config/firewall/Makefile
+++ b/package/network/config/firewall/Makefile
@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=firewall
-PKG_VERSION:=2015-05-26
+PKG_VERSION:=2015-07-22
 PKG_RELEASE:=$(PKG_SOURCE_VERSION)

 PKG_SOURCE_PROTO:=git
--- a/package/network/config/firewall/files/firewall.config
+++ b/package/network/config/firewall/files/firewall.config
@ -159,19 +159,18 @@ config include
 #	option proto		tcp

 # allow IPsec/ESP and ISAKMP passthrough
-#config rule
-#	option src		wan
-#	option dest		lan
-#	option protocol		esp
-#	option target		ACCEPT
+config rule
+	option src		wan
+	option dest		lan
+	option protocol		esp
+	option target		ACCEPT

-#config rule
-#	option src		wan
-#	option dest		lan
-#	option src_port		500
-#	option dest_port	500
-#	option proto		udp
-#	option target		ACCEPT
+config rule
+	option src		wan
+	option dest		lan
+	option dest_port	500
+	option proto		udp
+	option target		ACCEPT

 ### FULL CONFIG SECTIONS
 #config rule