[src/netbsd-9]: src/share/examples/npf Pull up following revision(s) (request...

[martin <martin%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/e311fbb280ac
branches:  netbsd-9
changeset: 1001148:e311fbb280ac
user:      martin <martin%NetBSD.org@localhost>
date:      Tue Nov 19 10:58:30 2019 +0000

description:
Pull up following revision(s) (requested by sevan in ticket #445):

        share/examples/npf/host-npf.conf: revision 1.11

With bin/54124 fixed, the rule needs to be explicitly set to stateful.

diffstat:

 share/examples/npf/host-npf.conf |  4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diffs (18 lines):

diff -r 8c7b2f2149a0 -r e311fbb280ac share/examples/npf/host-npf.conf
--- a/share/examples/npf/host-npf.conf  Tue Nov 19 10:56:35 2019 +0000
+++ b/share/examples/npf/host-npf.conf  Tue Nov 19 10:58:30 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: host-npf.conf,v 1.10 2019/04/16 10:52:28 sevan Exp $
+# $NetBSD: host-npf.conf,v 1.10.2.1 2019/11/19 10:58:30 martin Exp $
 #
 # Simple ruleset for a host with (i.e., not routing) two interfaces,
 # ethernet and wifi.
@@ -31,7 +31,7 @@
     ruleset "blacklistd"
 
     # Allow SSH on wired interface and log all connection attempts
-    pass in on $wired_if proto tcp to $wired_addrs port ssh apply "log"
+    pass stateful in on $wired_if proto tcp to $wired_addrs port ssh apply "log"
 }
 
 group "wifi" on $wifi_if {