]> git.proxmox.com Git - pve-firewall.git/blobdiff - example/host.fw
projects / pve-firewall.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
cleanup_fw_rule: only copy defined rule properties
[pve-firewall.git] / example / host.fw
diff --git a/example/host.fw b/example/host.fw
index 79a59492b1aa1168086b20156493bb1bb7651d05..4d861078d8c6f8b2f6ddb69a668d7cae08a5226b 100644 (file)
--- a/example/host.fw
+++ b/example/host.fw
@@ -20,6 +20,15 @@ nf_conntrack_max: 196608
 # you need to enable that explicitly
 allow_bridge_route: 1
 
+# disable SMURFS filter
+nosmurfs: 0
+
+# filter illegal combinations of TCP flags
+tcpflags: 1
+
+# rules processing speed optimizations 
+optimize : 1
+
 [RULES]
 
 IN  SSH(ACCEPT) net0
Firewall test scripts