~mdw
/
firewall
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
{roadstar,jem,telecaster,stratocaster}.m4: Move Git to login servers.
[firewall]
/
bookends.m4
diff --git
a/bookends.m4
b/bookends.m4
index
807e8d9
..
699a966
100644
(file)
--- a/
bookends.m4
+++ b/
bookends.m4
@@
-177,6
+177,10
@@
errorchain bad-source-address DROP
## Packet arrived on wrong interface for its source address. Drops the
## packet, since there's nowhere sensible to send an error.
## Packet arrived on wrong interface for its source address. Drops the
## packet, since there's nowhere sensible to send an error.
+errorchain dns-rate-limit DROP
+## Dropped incoming DNS query due to rate limiting. The source address is
+## suspicious, so don't produce ICMP.
+
errorchain bad-destination-address REJECT
## Packet arrived on non-loopback interface with loopback destination.
errorchain bad-destination-address REJECT
## Packet arrived on non-loopback interface with loopback destination.