shorewall_code/Shorewall/action.TCPFlags


#
# Shorewall version 5 - Drop TCPFlags Action
#
# /usr/share/shorewall/action.TCPFlags
#
# Accepts a single optional parameter:
#
# - = Do not Audit
# audit = Audit dropped packets.
#
#################################################################################
# Purpose: pick the disposition for TCP packets carrying flag combinations
# that a conforming TCP stack does not send, then emit one rule per
# combination. The checks are stateless header matches; they complement,
# and do not replace, connection-state filtering.
#
# Default for parameter 1 is '-' (no auditing).
DEFAULTS -
# Parameter validation: anything other than empty, '-' or 'audit' stops
# compilation with the ?error message below, so a typo cannot silently
# fall back to a different disposition.
?if @1 ne '' && @1 ne '-'
?if @1 eq 'audit'
# 'audit' selects A_DROP, so dropped packets are also audited.
?set tcpflags_action A_DROP
?else
?error The parameter to TCPFlags must be 'audit' or '-'
?endif
?else
# No auditing requested: plain DROP. Note that this leaves no record of
# the dropped packet unless logging is arranged elsewhere.
?set tcpflags_action DROP
?endif
# In the rules below, SOURCE and DEST are '-' (any). The text after ';;' is
# passed through as raw iptables matches.
# NOTE(review): the '+' after ';;' is understood to place the inline matches
# ahead of those generated from the columns - confirm in shorewall-rules(5).
# '-p 6' is TCP by protocol number.
#
# Of all flags, exactly FIN, URG and PSH are set (the "Xmas" pattern).
$tcpflags_action - - ;;+ -p 6 --tcp-flags ALL FIN,URG,PSH
# No flags set at all (null packet).
$tcpflags_action - - ;;+ -p 6 --tcp-flags ALL NONE
# SYN and RST set together: open and reset in the same segment.
$tcpflags_action - - ;;+ -p 6 --tcp-flags SYN,RST SYN,RST
# SYN and FIN set together: open and close in the same segment.
$tcpflags_action - - ;;+ -p 6 --tcp-flags SYN,FIN SYN,FIN
# Connection request (--syn) whose source port is 0.
$tcpflags_action - - ;;+ -p tcp --syn --sport 0