mirror of
https://gitlab.com/shorewall/code.git
synced 2025-06-26 04:32:01 +02:00
Updated Comments For 1.4.x Changes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@542 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
frannie
parent
99cb231761
commit
240d7c8381
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# Shorewall 1.4 -- Sample Interface File For One Interface
|
# Shorewall 1.4 -- Sample Interface File For One Interface
|
||||||
#
|
#
|
||||||
# /etc/shorewall/interfaces
|
# /etc/shorewall/interfaces
|
||||||
#
|
#
|
||||||
|
|||||||
@ -22,7 +22,30 @@
|
|||||||
# Shorewall will not start!
|
# Shorewall will not start!
|
||||||
#
|
#
|
||||||
# POLICY Policy if no match from the rules file is found. Must
|
# POLICY Policy if no match from the rules file is found. Must
|
||||||
# be "ACCEPT", "DROP", "REJECT" or "CONTINUE"
|
# be "ACCEPT", "DROP", "REJECT", "CONTINUE" or "NONE"
|
||||||
|
#
|
||||||
|
# ACCEPT
|
||||||
|
# Accept the connection
|
||||||
|
# DROP
|
||||||
|
# Ignore the connection request.
|
||||||
|
# REJECT
|
||||||
|
# For TCP, send RST. For all other, send
|
||||||
|
# "port unreachable" ICMP.
|
||||||
|
# CONTINUE
|
||||||
|
# Pass the connection request past
|
||||||
|
# any other rules that it might also
|
||||||
|
# match (where the source or destination
|
||||||
|
# zone in those rules is a superset of
|
||||||
|
# the SOURCE or DEST in this policy)
|
||||||
|
# NONE
|
||||||
|
# Assume that there will never be any
|
||||||
|
# packets from this SOURCE to this
|
||||||
|
# DEST. Shorewall will not set up any
|
||||||
|
# infrastructure to handle such packets
|
||||||
|
# and you may not have any rules with
|
||||||
|
# this SOURCE and DEST in the /etc/shorewall/rules
|
||||||
|
# file. If such a packet is received the result
|
||||||
|
# is undefined.
|
||||||
#
|
#
|
||||||
# LOG LEVEL If supplied, each connection handled under the default
|
# LOG LEVEL If supplied, each connection handled under the default
|
||||||
# POLICY is logged at that level. If not supplied, no
|
# POLICY is logged at that level. If not supplied, no
|
||||||
|
|||||||
@ -15,7 +15,8 @@
|
|||||||
# Columns are:
|
# Columns are:
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
# ACTION ACCEPT, DROP, REJECT, DNAT, DNAT- or REDIRECT
|
# ACTION ACCEPT, DROP, REJECT, DNAT, DNAT-, REDIRECT,
|
||||||
|
# CONTINUE or LOG.
|
||||||
#
|
#
|
||||||
# ACCEPT
|
# ACCEPT
|
||||||
# Allow the connection request
|
# Allow the connection request
|
||||||
@ -46,6 +47,8 @@
|
|||||||
# connection request will be passed
|
# connection request will be passed
|
||||||
# to the rules defined for that
|
# to the rules defined for that
|
||||||
# (those) zones(s).
|
# (those) zones(s).
|
||||||
|
# LOG
|
||||||
|
# Simply log the packet and continue.
|
||||||
#
|
#
|
||||||
# May optionally be followed by ":" and a syslog log
|
# May optionally be followed by ":" and a syslog log
|
||||||
# level (e.g, REJECT:info). This causes the packet to be
|
# level (e.g, REJECT:info). This causes the packet to be
|
||||||
@ -110,6 +113,8 @@
|
|||||||
# 2. In DNAT rules, only IP addresses are
|
# 2. In DNAT rules, only IP addresses are
|
||||||
# allowed; no FQDNs or subnet addresses
|
# allowed; no FQDNs or subnet addresses
|
||||||
# are permitted.
|
# are permitted.
|
||||||
|
# 3. You may not specify both an interface and
|
||||||
|
# an address
|
||||||
#
|
#
|
||||||
# The port that the server is listening on may be
|
# The port that the server is listening on may be
|
||||||
# included and separated from the server's IP address by
|
# included and separated from the server's IP address by
|
||||||
|
|||||||
@ -22,7 +22,30 @@
|
|||||||
# Shorewall will not start!
|
# Shorewall will not start!
|
||||||
#
|
#
|
||||||
# POLICY Policy if no match from the rules file is found. Must
|
# POLICY Policy if no match from the rules file is found. Must
|
||||||
# be "ACCEPT", "DROP", "REJECT" or "CONTINUE"
|
# be "ACCEPT", "DROP", "REJECT", "CONTINUE" Or "NONE"
|
||||||
|
#
|
||||||
|
# ACCEPT
|
||||||
|
# Accept the connection
|
||||||
|
# DROP
|
||||||
|
# Ignore the connection request.
|
||||||
|
# REJECT
|
||||||
|
# For TCP, send RST. For all other, send
|
||||||
|
# "port unreachable" ICMP.
|
||||||
|
# CONTINUE
|
||||||
|
# Pass the connection request past
|
||||||
|
# any other rules that it might also
|
||||||
|
# match (where the source or destination
|
||||||
|
# zone in those rules is a superset of
|
||||||
|
# the SOURCE or DEST in this policy)
|
||||||
|
# NONE
|
||||||
|
# Assume that there will never be any
|
||||||
|
# packets from this SOURCE to this
|
||||||
|
# DEST. Shorewall will not set up any
|
||||||
|
# infrastructure to handle such packets
|
||||||
|
# and you may not have any rules with
|
||||||
|
# this SOURCE and DEST in the /etc/shorewall/rules
|
||||||
|
# file. If such a packet is received the result
|
||||||
|
# is undefined.
|
||||||
#
|
#
|
||||||
# LOG LEVEL If supplied, each connection handled under the default
|
# LOG LEVEL If supplied, each connection handled under the default
|
||||||
# POLICY is logged at that level. If not supplied, no
|
# POLICY is logged at that level. If not supplied, no
|
||||||
|
|||||||
@ -15,7 +15,8 @@
|
|||||||
# Columns are:
|
# Columns are:
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
# ACTION ACCEPT, DROP, REJECT, DNAT, DNAT- or REDIRECT
|
# ACTION ACCEPT, DROP, REJECT, DNAT, DNAT-, REDIRECT,
|
||||||
|
# CONTINUE or LOG.
|
||||||
#
|
#
|
||||||
# ACCEPT
|
# ACCEPT
|
||||||
# Allow the connection request
|
# Allow the connection request
|
||||||
@ -46,6 +47,8 @@
|
|||||||
# connection request will be passed
|
# connection request will be passed
|
||||||
# to the rules defined for that
|
# to the rules defined for that
|
||||||
# (those) zones(s).
|
# (those) zones(s).
|
||||||
|
# LOG
|
||||||
|
# Simply log the packet and continue.
|
||||||
#
|
#
|
||||||
# May optionally be followed by ":" and a syslog log
|
# May optionally be followed by ":" and a syslog log
|
||||||
# level (e.g, REJECT:info). This causes the packet to be
|
# level (e.g, REJECT:info). This causes the packet to be
|
||||||
@ -110,6 +113,8 @@
|
|||||||
# 2. In DNAT rules, only IP addresses are
|
# 2. In DNAT rules, only IP addresses are
|
||||||
# allowed; no FQDNs or subnet addresses
|
# allowed; no FQDNs or subnet addresses
|
||||||
# are permitted.
|
# are permitted.
|
||||||
|
# 3. You may not specify both an interface and
|
||||||
|
# an address.
|
||||||
#
|
#
|
||||||
# The port that the server is listening on may be
|
# The port that the server is listening on may be
|
||||||
# included and separated from the server's IP address by
|
# included and separated from the server's IP address by
|
||||||
|
|||||||
@ -22,7 +22,30 @@
|
|||||||
# Shorewall will not start!
|
# Shorewall will not start!
|
||||||
#
|
#
|
||||||
# POLICY Policy if no match from the rules file is found. Must
|
# POLICY Policy if no match from the rules file is found. Must
|
||||||
# be "ACCEPT", "DROP", "REJECT" or "CONTINUE"
|
# be "ACCEPT", "DROP", "REJECT", "CONTINUE" Or "NONE"
|
||||||
|
#
|
||||||
|
# ACCEPT
|
||||||
|
# Accept the connection
|
||||||
|
# DROP
|
||||||
|
# Ignore the connection request.
|
||||||
|
# REJECT
|
||||||
|
# For TCP, send RST. For all other, send
|
||||||
|
# "port unreachable" ICMP.
|
||||||
|
# CONTINUE
|
||||||
|
# Pass the connection request past
|
||||||
|
# any other rules that it might also
|
||||||
|
# match (where the source or destination
|
||||||
|
# zone in those rules is a superset of
|
||||||
|
# the SOURCE or DEST in this policy)
|
||||||
|
# NONE
|
||||||
|
# Assume that there will never be any
|
||||||
|
# packets from this SOURCE to this
|
||||||
|
# DEST. Shorewall will not set up any
|
||||||
|
# infrastructure to handle such packets
|
||||||
|
# and you may not have any rules with
|
||||||
|
# this SOURCE and DEST in the /etc/shorewall/rules
|
||||||
|
# file. If such a packet is received the result
|
||||||
|
# is undefined.
|
||||||
#
|
#
|
||||||
# LOG LEVEL If supplied, each connection handled under the default
|
# LOG LEVEL If supplied, each connection handled under the default
|
||||||
# POLICY is logged at that level. If not supplied, no
|
# POLICY is logged at that level. If not supplied, no
|
||||||
|
|||||||
@ -15,7 +15,8 @@
|
|||||||
# Columns are:
|
# Columns are:
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
# ACTION ACCEPT, DROP, REJECT, DNAT, DNAT- or REDIRECT
|
# ACTION ACCEPT, DROP, REJECT, DNAT, DNAT-, REDIRECT,
|
||||||
|
# CONTINUE or LOG.
|
||||||
#
|
#
|
||||||
# ACCEPT
|
# ACCEPT
|
||||||
# Allow the connection request
|
# Allow the connection request
|
||||||
@ -46,6 +47,8 @@
|
|||||||
# connection request will be passed
|
# connection request will be passed
|
||||||
# to the rules defined for that
|
# to the rules defined for that
|
||||||
# (those) zones(s).
|
# (those) zones(s).
|
||||||
|
# LOG
|
||||||
|
# Simply log the packet and continue.
|
||||||
#
|
#
|
||||||
# May optionally be followed by ":" and a syslog log
|
# May optionally be followed by ":" and a syslog log
|
||||||
# level (e.g, REJECT:info). This causes the packet to be
|
# level (e.g, REJECT:info). This causes the packet to be
|
||||||
@ -110,6 +113,8 @@
|
|||||||
# 2. In DNAT rules, only IP addresses are
|
# 2. In DNAT rules, only IP addresses are
|
||||||
# allowed; no FQDNs or subnet addresses
|
# allowed; no FQDNs or subnet addresses
|
||||||
# are permitted.
|
# are permitted.
|
||||||
|
# 3 You may not specify both an interface and
|
||||||
|
# an address.
|
||||||
#
|
#
|
||||||
# The port that the server is listening on may be
|
# The port that the server is listening on may be
|
||||||
# included and separated from the server's IP address by
|
# included and separated from the server's IP address by
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user