[11/11] configroot: Drop traffic from and to hostile networks by default
Commit Message
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
lfs/configroot | 1 +
1 file changed, 1 insertion(+)
@@ -131,6 +131,7 @@ $(TARGET) :
echo "DROPWIRELESSINPUT=on" >> $(CONFIG_ROOT)/optionsfw/settings
echo "DROPWIRELESSFORWARD=on" >> $(CONFIG_ROOT)/optionsfw/settings
echo "DROPSPOOFEDMARTIAN=on" >> $(CONFIG_ROOT)/optionsfw/settings
+ echo "DROPHOSTILE=on" >> $(CONFIG_ROOT)/optionsfw/settings
echo "POLICY=MODE2" >> $(CONFIG_ROOT)/firewall/settings
echo "POLICY1=MODE2" >> $(CONFIG_ROOT)/firewall/settings
echo "USE_ISP_NAMESERVERS=on" >> $(CONFIG_ROOT)/dns/settings