diff options
| author | BBcan177 <bbcan177@gmail.com> | 2015-08-30 22:19:30 -0400 |
|---|---|---|
| committer | BBcan177 <bbcan177@gmail.com> | 2015-08-30 22:19:30 -0400 |
| commit | e0acf9ae6217557b2e77152ca498b2f73a08f624 (patch) | |
| tree | 061c80d97556235c52f6ab5778417d109b1a4c90 /config/pfblockerng/pfblockerng_top20.xml | |
| parent | fe1f8e57ce57b879157ec264028248c31efd09a6 (diff) | |
| download | pfsense-packages-e0acf9ae6217557b2e77152ca498b2f73a08f624.tar.gz pfsense-packages-e0acf9ae6217557b2e77152ca498b2f73a08f624.tar.bz2 pfsense-packages-e0acf9ae6217557b2e77152ca498b2f73a08f624.zip | |
pfBlockerNG mods
Diffstat (limited to 'config/pfblockerng/pfblockerng_top20.xml')
| -rw-r--r-- | config/pfblockerng/pfblockerng_top20.xml | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/config/pfblockerng/pfblockerng_top20.xml b/config/pfblockerng/pfblockerng_top20.xml index 32ed52e8..030c1385 100644 --- a/config/pfblockerng/pfblockerng_top20.xml +++ b/config/pfblockerng/pfblockerng_top20.xml @@ -132,6 +132,17 @@ <type>listtopic</type> </field> <field> + <description><![CDATA[<font color='red'>Note:</font> pfSense by default implicitly blocks all unsolicited inbound traffic to the WAN + interface. Therefore adding GeoIP based firewall rules to the WAN will <strong>not</strong> provide any benefit, unless there are + open WAN ports. Also consider protecting just the specific open WAN ports. It's also <strong>not</strong> recommended to + block the 'world', instead consider rules to 'Permit' traffic from selected Countries only. Finally, it's just as important + to protect the outbound LAN traffic.]]> + </description> + <type>info</type> + <dontdisplayname/> + <usecolspan2/> + </field> + <field> <fielddescr>LINKS</fielddescr> <description><![CDATA[<a href="/firewall_aliases.php">Firewall Alias</a> <a href="/firewall_rules.php">Firewall Rules</a> <a href="diag_logs_filter.php">Firewall Logs</a>]]> |