
OpenWrt x Gargoyle - different Firewall defaults. Why?

Posted: Wed Mar 10, 2010 3:56 pm
by wilsonhlacerda
Hi all!

In OpenWrt, the /etc/config/firewall file has these defaults:

config 'defaults'
option 'syn_flood' '1'
option 'input' 'DROP'
option 'output' 'DROP'
option 'forward' 'DROP'

In Gargoyle (v1.1.7 for Atheros) it is:

config 'defaults'
option 'syn_flood' '1'
option 'input' 'ACCEPT'
option 'output' 'ACCEPT'
option 'forward' 'REJECT'


The OpenWrt version is clearly much more secure than the Gargoyle approach.

Is there any reason for this Gargoyle change in the firewall file?
Why doesn't Gargoyle just leave it standard?

Re: OpenWrt x Gargoyle - different Firewall defaults. Why?

Posted: Thu Mar 11, 2010 8:53 am
by Eric
It is standard. See here.

Re: OpenWrt x Gargoyle - different Firewall defaults. Why?

Posted: Thu Mar 11, 2010 12:50 pm
by wilsonhlacerda
Weird!!!

The OpenWrt Wiki shows a different default:
http://wiki.openwrt.org/doc/uci/firewall

Besides that, I googled/searched the OpenWrt forum and found some users' pastes just like the Wiki.

And it makes complete sense to use drop as defaults, for security reasons.

Thanks for the reply!
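
Added example, not part of any post in this thread and not OpenWrt or Gargoyle code: a shell script that parses the 'defaults' section of two UCI firewall files and lists the chains whose default policy differs. The function names fw_defaults and fw_diff and the temp file names are made up for this example; the sample input is the two sections quoted in the first post.

```shell
#!/bin/sh
# Added example: diff the chain policies in the 'defaults' section of two
# UCI firewall files. File names and function names are illustrative.

# Print "chain POLICY" for input/output/forward found under config 'defaults'.
fw_defaults() {
    awk -v q="'" '
        { gsub(q, ""); gsub(/"/, "") }            # UCI allows either quote style
        $1 == "config" { in_def = ($2 == "defaults"); next }
        in_def && $1 == "option" && $2 ~ /^(input|output|forward)$/ {
            print $2, toupper($3)
        }
    ' "$1"
}

# Print "chain POLICY_A POLICY_B" for every chain whose default differs.
fw_diff() {
    a=$(fw_defaults "$1"); b=$(fw_defaults "$2")
    for chain in input output forward; do
        pa=$(printf '%s\n' "$a" | awk -v c="$chain" '$1 == c { print $2 }')
        pb=$(printf '%s\n' "$b" | awk -v c="$chain" '$1 == c { print $2 }')
        [ "$pa" = "$pb" ] || echo "$chain ${pa:-unset} ${pb:-unset}"
    done
}

# Sample input: the two sections quoted in the thread, written to temp files.
tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/openwrt" <<'EOF'
config 'defaults'
	option 'syn_flood' '1'
	option 'input' 'DROP'
	option 'output' 'DROP'
	option 'forward' 'DROP'
EOF
cat > "$tmp/gargoyle" <<'EOF'
config 'defaults'
	option 'syn_flood' '1'
	option 'input' 'ACCEPT'
	option 'output' 'ACCEPT'
	option 'forward' 'REJECT'
EOF

fw_diff "$tmp/openwrt" "$tmp/gargoyle"
```

On a router, the first argument would be /etc/config/firewall and the second a saved copy of the file being compared against.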