slitaz-tools diff etc/init.d/firewall @ rev 998
slitaz-tools/fr.po: typo
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Mon Sep 19 08:53:56 2016 +0200 (2016-09-19) |
| parents | 91dc7e3eab55 |
| children |
line diff
1.1 --- a/etc/init.d/firewall Fri Jun 01 14:04:34 2012 +0200 1.2 +++ b/etc/init.d/firewall Mon Sep 19 08:53:56 2016 +0200 1.3 @@ -4,6 +4,7 @@ 1.4 # Configuration file : /etc/slitaz/firewall.conf 1.5 # Firewall script : /etc/slitaz/firewall.sh 1.6 # 1.7 + 1.8 . /etc/init.d/rc.functions 1.9 . /etc/slitaz/firewall.conf 1.10 1.11 @@ -13,6 +14,7 @@ 1.12 # 1.13 if [ "$KERNEL_SECURITY" = "yes" ] ; then 1.14 echo -n "Setting up kernel security rules... " 1.15 + 1.16 # ICMP redirects acceptance. 1.17 for conf in /proc/sys/net/ipv4/conf/*/accept_redirects ; do 1.18 echo "0" > $conf 1.19 @@ -20,14 +22,17 @@ 1.20 for conf in /proc/sys/net/ipv4/conf/*/secure_redirects ; do 1.21 echo "0" > $conf 1.22 done 1.23 + 1.24 # IP source routing. 1.25 for conf in /proc/sys/net/ipv4/conf/*/accept_source_route ; do 1.26 echo "0" > $conf 1.27 done 1.28 + 1.29 # Log impossible addresses. 1.30 for conf in /proc/sys/net/ipv4/conf/*/log_martians ; do 1.31 echo "1" > $conf 1.32 done 1.33 + 1.34 # Ip spoofing protection 1.35 for conf in /proc/sys/net/ipv4/conf/*/rp_filter; do 1.36 echo "1" > $conf