summaryrefslogtreecommitdiff
path: root/contrib/ipfilter/rules/example.8
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/ipfilter/rules/example.8')
-rw-r--r--contrib/ipfilter/rules/example.810
1 files changed, 10 insertions, 0 deletions
diff --git a/contrib/ipfilter/rules/example.8 b/contrib/ipfilter/rules/example.8
new file mode 100644
index 000000000000..baa02581256e
--- /dev/null
+++ b/contrib/ipfilter/rules/example.8
@@ -0,0 +1,10 @@
+#
+# block all incoming TCP connections but send back a TCP-RST for ones to
+# the ident port
+#
+block in proto tcp from any to any flags S/SA
+block return-rst in quick proto tcp from any to any port = 113 flags S/SA
+#
+# block all inbound UDP packets and send back an ICMP error.
+#
+block return-icmp in proto udp from any to any
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-25 06:44:12 +0000