OpenWrt x Gargoyle - different Firewall defaults. Why?

wilsonhlacerda
Posts: 20
Joined: Mon Mar 08, 2010 5:47 pm

OpenWrt x Gargoyle - different Firewall defaults. Why?

Post by wilsonhlacerda »

Hi all!

In OpenWrt the /etc/config/firewall file has these defaults:

config 'defaults'
	option 'syn_flood' '1'
	option 'input' 'DROP'
	option 'output' 'DROP'
	option 'forward' 'DROP'

In Gargoyle (v1.1.7 for Atheros) it is:

config 'defaults'
	option 'syn_flood' '1'
	option 'input' 'ACCEPT'
	option 'output' 'ACCEPT'
	option 'forward' 'REJECT'


The OpenWrt version is clearly much more secure than the Gargoyle approach.

Is there any reason for this Gargoyle change in the firewall file?
Why doesn't Gargoyle just leave it standard?

Eric
Site Admin
Posts: 1443
Joined: Sat Jun 14, 2008 1:14 pm

Re: OpenWrt x Gargoyle - different Firewall defaults. Why?

Post by Eric »

It is standard. See here.

wilsonhlacerda
Posts: 20
Joined: Mon Mar 08, 2010 5:47 pm

Re: OpenWrt x Gargoyle - different Firewall defaults. Why?

Post by wilsonhlacerda »

Weird!!!

The OpenWrt Wiki shows a different default:
http://wiki.openwrt.org/doc/uci/firewall

Besides that, I googled/searched the OpenWrt forum and found some users' pastes just like the Wiki.

And it makes complete sense to use drop as the default, for security reasons.

Thanks for the reply!
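
Added example, not part of the thread and not OpenWrt or Gargoyle code: a small POSIX shell parser that reads only the `defaults` section of a UCI firewall config and reports which of the three policies differ between two configs. The function names and the `lan` zone section in the first sample are constructed for illustration; the two `defaults` sections are the ones quoted in the first post.

```sh
# Print "chain=POLICY" for input/output/forward from the 'defaults' section of
# UCI firewall config text on stdin. Zone sections reuse these option names,
# so options are only read while inside 'config defaults'.
defaults_policy() {
    in_defaults=0
    # Drop UCI quoting so quoted and unquoted forms parse identically.
    tr -d "'\"" | while read -r kw name value rest || [ -n "$kw" ]; do
        case "$kw" in
            config) if [ "$name" = defaults ]; then in_defaults=1; else in_defaults=0; fi ;;
            option)
                if [ "$in_defaults" = 1 ]; then
                    case "$name" in input|output|forward) echo "$name=$value" ;; esac
                fi ;;
        esac
    done
}

# Print "chain: A -> B" for each default policy that differs between two
# config texts passed as arguments ("unset" when the option is absent).
diff_defaults() {
    for chain in input output forward; do
        a=$(printf '%s\n' "$1" | defaults_policy | sed -n "s/^$chain=//p")
        b=$(printf '%s\n' "$2" | defaults_policy | sed -n "s/^$chain=//p")
        if [ "$a" != "$b" ]; then echo "$chain: ${a:-unset} -> ${b:-unset}"; fi
    done
}

# First snippet from the post, plus a constructed zone section (scoping check).
sample_a() { cat <<'EOF'
config 'defaults'
	option 'syn_flood' '1'
	option 'input' 'DROP'
	option 'output' 'DROP'
	option 'forward' 'DROP'
config 'zone'
	option 'name' 'lan'
	option 'input' 'ACCEPT'
EOF
}
# Second snippet from the post (Gargoyle v1.1.7).
sample_b() { cat <<'EOF'
config 'defaults'
	option 'syn_flood' '1'
	option 'input' 'ACCEPT'
	option 'output' 'ACCEPT'
	option 'forward' 'REJECT'
EOF
}
diff_defaults "$(sample_a)" "$(sample_b)"
```

On a router, `defaults_policy < /etc/config/firewall` prints the policies actually configured on that device.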
