KumiSystems/openwrtv4
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
openwrtv4/package/firewall/files
History
Jo-Philipp Wich ad23dd94b6 firewall: provide examples of ssh port relocation on firewall and IPsec passthrough Two examples of potentially useful configurations (commented out, of course): 
(a) map the ssh service running on the firewall to 22001 externally, without modifying the configuration of the daemon itself. this allows port 22 on the WAN side to then be port-forwarded to a
LAN-based machine if desired, or if not, simply obscures the port from external attack.

(b) allow IPsec/ESP and ISAKMP (UDP-based key exchange) to happen by default. useful for most modern VPN clients you might have on your WAN.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

SVN-Revision: 26805
2011-05-02 12:54:31 +00:00
..
bin firewall: - replace uci firewall with a modular dual stack implementation developed by Malte S. Stretz - bump version to 2 2010-05-01 18:22:01 +00:00
lib firewall: provide examples of ssh port relocation on firewall and IPsec passthrough Two examples of potentially useful configurations (commented out, of course): 2011-05-02 12:54:31 +00:00
firewall.config firewall: provide examples of ssh port relocation on firewall and IPsec passthrough Two examples of potentially useful configurations (commented out, of course): 2011-05-02 12:54:31 +00:00
firewall.hotplug firewall: run ifdown hotplug events synchronized, fixes a racecondition on "ifup iface" when ifdown and ifup events are delivered with a small dealy 2010-09-15 01:53:36 +00:00
firewall.init firewall (#7355) - partially revert r21486, start firewall on init again - skip iface hotplug events if base fw is not up yet - get ifname and up state with uci_get_state() in iface setup since the values gathered by scan_interfaces() may be outdated when iface coldplugging happens (observed with pptp) - ignore up state when bringing down interfaces because ifdown reverts state vars before dispatching the iface event - bump package revision 2010-05-19 00:50:14 +00:00
firewall.upgrade Keep firewall.user during sysupgrades 2011-03-20 00:57:47 +00:00
firewall.user firewall: enable /etc/firewall.user by default and install sample firewall.user file 2009-04-12 22:38:34 +00:00
reflection.hotplug firewall: also establish forward rules when setting up nat reflection, back out early if reflection is disabled 2010-10-03 18:11:59 +00:00