pfilter: novlan: accept all UDP ports from 0 to 511
This shortens the rule-set by two rules, making space for pdelay.
By accepting all ports from 0 to 511, we get all of our services,
including snmp that will be tested soon. This relaxed check will give
us possibly some false positives (then discarded by the CPU) while
still protecting from most of an hostile or just probing port sweep.
Signed-off-by: Alessandro Rubini <rubini@gnudd.com>
Showing
Please
register
or
sign in
to comment