2002-07-11 02:01:45 +02:00
|
|
|
#
|
2006-01-16 16:15:43 +01:00
|
|
|
# Shorewall version 3.2 - Routestopped File
|
2002-07-11 02:01:45 +02:00
|
|
|
#
|
|
|
|
|
# /etc/shorewall/routestopped
|
|
|
|
|
#
|
2003-02-23 15:10:37 +01:00
|
|
|
# This file is used to define the hosts that are accessible when the
|
2005-07-09 07:45:05 +02:00
|
|
|
# firewall is stopped or when it is in the process of being
|
|
|
|
|
# [re]started.
|
2002-07-11 02:01:45 +02:00
|
|
|
#
|
2005-08-02 18:46:30 +02:00
|
|
|
# Columns are:
|
2002-07-11 02:01:45 +02:00
|
|
|
#
|
2002-07-11 18:15:40 +02:00
|
|
|
# INTERFACE - Interface through which host(s) communicate with
|
|
|
|
|
# the firewall
|
|
|
|
|
# HOST(S) - (Optional) Comma-separated list of IP/subnet
|
2005-07-09 07:45:05 +02:00
|
|
|
# addresses. If your kernel and iptables include
|
|
|
|
|
# iprange match support, IP address ranges are also
|
|
|
|
|
# allowed.
|
|
|
|
|
#
|
2003-02-23 15:10:37 +01:00
|
|
|
# If left empty or supplied as "-",
|
2002-07-11 18:15:40 +02:00
|
|
|
# 0.0.0.0/0 is assumed.
|
2005-08-02 18:46:30 +02:00
|
|
|
# OPTIONS - (Optional) A comma-separated list of
|
2005-07-09 06:45:32 +02:00
|
|
|
# options. The currently-supported options are:
|
|
|
|
|
#
|
|
|
|
|
# routeback - Set up a rule to ACCEPT traffic from
|
2005-07-09 07:55:29 +02:00
|
|
|
# these hosts back to themselves.
|
|
|
|
|
#
|
|
|
|
|
# source - Allow traffic from these hosts to ANY
|
|
|
|
|
# destination. Without this option or the 'dest'
|
2005-08-02 18:46:30 +02:00
|
|
|
# option, only traffic from this host to other
|
2005-07-09 07:55:29 +02:00
|
|
|
# listed hosts (and the firewall) is allowed. If
|
2005-09-27 01:04:33 +02:00
|
|
|
# 'source' is specified then 'routeback' is redundant.
|
2005-07-09 07:55:29 +02:00
|
|
|
#
|
|
|
|
|
# dest - Allow traffic to these hosts from ANY
|
|
|
|
|
# source. Without this option or the 'source'
|
2005-08-02 18:46:30 +02:00
|
|
|
# option, only traffic from this host to other
|
2005-07-09 07:55:29 +02:00
|
|
|
# listed hosts (and the firewall) is allowed. If
|
2005-09-27 01:04:33 +02:00
|
|
|
# 'dest' is specified then 'routeback' is redundant.
|
2002-07-11 02:01:45 +02:00
|
|
|
#
|
2005-07-26 01:08:09 +02:00
|
|
|
# critical - Allow traffic between the firewall and
|
|
|
|
|
# these hosts throughout '[re]start', 'stop' and
|
|
|
|
|
# 'clear'. Specifying 'critical' on one or more
|
|
|
|
|
# entries will cause your firewall to be "totally
|
|
|
|
|
# open" for a brief window during each of those
|
|
|
|
|
# operations.
|
|
|
|
|
#
|
2005-08-21 21:34:31 +02:00
|
|
|
# NOTE: The 'source' and 'dest' options work best when used
|
|
|
|
|
# in conjunction with ADMINISABSENTMINDED=Yes in
|
|
|
|
|
# /etc/shorewall/shorewall.conf.
|
|
|
|
|
#
|
2002-07-11 02:01:45 +02:00
|
|
|
# Example:
|
|
|
|
|
#
|
2005-07-09 06:45:32 +02:00
|
|
|
# INTERFACE HOST(S) OPTIONS
|
2002-07-11 02:01:45 +02:00
|
|
|
# eth2 192.168.1.0/24
|
|
|
|
|
# eth0 192.0.2.44
|
2005-07-09 06:45:32 +02:00
|
|
|
# br0 - routeback
|
2005-07-09 07:55:29 +02:00
|
|
|
# eth3 - source
|
2005-07-09 07:45:05 +02:00
|
|
|
#
|
|
|
|
|
# See http://shorewall.net/Documentation.htm#Routestopped and
|
2005-08-02 18:46:30 +02:00
|
|
|
# http://shorewall.net/starting_and_stopping_shorewall.htm for additional
|
2005-07-09 07:45:05 +02:00
|
|
|
# information.
|
2005-08-02 18:46:30 +02:00
|
|
|
#
|
|
|
|
|
###############################################################################
|
|
|
|
|
#INTERFACE HOST(S) OPTIONS
|
2002-07-11 02:01:45 +02:00
|
|
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
