Add helpers in the macros

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2025-01-10 23:58:14 +01:00 · 2012-08-09 07:36:04 -07:00 · 2012-08-09 07:36:04 -07:00 · 2690243e3c
commit 2690243e3c
parent 8f71797a48
10 changed files with 86 additions and 10 deletions
--- a/Shorewall/Macros/macro.Amanda
+++ b/Shorewall/Macros/macro.Amanda
@ -10,7 +10,13 @@
 ###############################################################################
 #ACTION	SOURCE	DEST	PROTO	DEST	SOURCE	RATE	USER/
 #				PORT(S)	PORT(S)	LIMIT	GROUP
-PARAM	-	-	udp	10080
+
+?IF ( __CT_TARGET && $HELPERS && __AMANDA_HELPER )
+ PARAM	-	-	udp	10080 ; helper=amanda
+?ELSE
+ PARAM	-	-	udp	10080
+?ENDIF
+
 PARAM	-	-	tcp	10080
 #
 # You may also need this rule.  With AMANDA 2.4.4 on Linux kernel 2.6,
--- a/Shorewall/Macros/macro.FTP
+++ b/Shorewall/Macros/macro.FTP
@ -8,4 +8,9 @@
 ###############################################################################
 #ACTION	SOURCE	DEST	PROTO	DEST	SOURCE	RATE	USER/
 #				PORT(S)	PORT(S)	LIMIT	GROUP
-PARAM	-	-	tcp	21
+
+?IF ( __CT_TARGET && $HELPERS && __FTP_HELPER  )
+ PARAM	-	-	tcp	21 ; helper=ftp
+?ELSE
+ PARAM	-	-	tcp	21
+?ENDIF
--- a/Shorewall/Macros/macro.IRC
+++ b/Shorewall/Macros/macro.IRC
@ -8,4 +8,9 @@
 ###############################################################################
 #ACTION	SOURCE	DEST	PROTO	DEST	SOURCE	RATE	USER/
 #				PORT(S)	PORT(S)	LIMIT	GROUP
-PARAM	-	-	tcp	6667
+
+?IF ( __CT_TARGET && $HELPERS && __IRC_HELPER  )
+ PARAM	-	-	tcp	6667 ; helper=irc
+?ELSE
+ PARAM	-	-	tcp	6667
+?ENDIF
--- a/Shorewall/Macros/macro.PPtP
+++ b/Shorewall/Macros/macro.PPtP
@ -10,4 +10,9 @@
 #				PORT(S)	PORT(S)	LIMIT	GROUP
 PARAM	-	-	47
 PARAM	DEST	SOURCE	47
-PARAM	-	-	tcp	1723
+
+?IF ( __CT_TARGET && $HELPERS && __PPTP_HELPER )
+ PARAM	-	-	tcp	1723 ; helper=pptp
+?ELSE
+ PARAM	-	-	tcp	1723
+?ENDIF
--- a/Shorewall/Macros/macro.SANE
+++ b/Shorewall/Macros/macro.SANE
@ -8,7 +8,13 @@
 ###############################################################################
 #ACTION	SOURCE	DEST	PROTO	DEST	SOURCE	RATE	USER/
 #				PORT(S)	PORT(S)	LIMIT	GROUP
-PARAM	-	-	tcp	6566
+
+?IF ( __CT_TARGET && $HELPERS && __SANE_HELPER )
+ PARAM	-	-	tcp	6566 ; helper=sane
+?ELSE
+ PARAM	-	-	tcp	6566
+?ENDIF
+
 #
 # Kernels 2.6.23+ has nf_conntrack_sane module which will handle
 # sane data connection.
--- a/Shorewall/Macros/macro.SIP
+++ b/Shorewall/Macros/macro.SIP
@ -0,0 +1,16 @@
+#
+# Shorewall version 4 - SIP Macro
+#
+# /usr/share/shorewall/macro.SIP
+#
+#	This macro handles SIP traffic.
+#
+###############################################################################
+#ACTION	SOURCE	DEST	PROTO	DEST	SOURCE	RATE	USER/
+#				PORT(S)	PORT(S)	LIMIT	GROUP
+
+?IF ( __CT_TARGET && $HELPERS && __SIP_HELPER  )
+ PARAM	-	-	udp	5060 ; helper=sip
+?ELSE
+ PARAM	-	-	udp	5060
+?ENDIF
--- a/Shorewall/Macros/macro.SMB
+++ b/Shorewall/Macros/macro.SMB
@ -13,6 +13,13 @@
 #ACTION	SOURCE	DEST	PROTO	DEST	SOURCE	RATE	USER/
 #				PORT(S)	PORT(S)	LIMIT	GROUP
 PARAM	-	-	udp	135,445
-PARAM	-	-	udp	137:139
+
+?IF ( __CT_TARGET && $HELPERS && __NETBIOS_NS_HELPER )
+ PARAM	-	-	udp	137 ; helper=netbios-ns
+ PARAM	-	-	udp	138:139
+?ELSE
+ PARAM	-	-	udp	137:139
+?ENDIF
+
 PARAM	-	-	udp	1024:	137
 PARAM	-	-	tcp	135,139,445
--- a/Shorewall/Macros/macro.SMBBI
+++ b/Shorewall/Macros/macro.SMBBI
@ -13,10 +13,24 @@
 #ACTION	SOURCE	DEST	PROTO	DEST	SOURCE	RATE	USER/
 #				PORT(S)	PORT(S)	LIMIT	GROUP
 PARAM	-	-	udp	135,445
-PARAM	-	-	udp	137:139
+
+?IF ( __CT_TARGET && $HELPERS && __NETBIOS_NS_HELPER )
+ PARAM	-	-	udp	137 ; helper=netbios-ns
+ PARAM	-	-	udp	138:139
+?ELSE
+ PARAM	-	-	udp	137:139
+?ENDIF
+
 PARAM	-	-	udp	1024:	137
 PARAM	-	-	tcp	135,139,445
 PARAM	DEST	SOURCE	udp	135,445
-PARAM	DEST	SOURCE	udp	137:139
+
+?IF ( __CT_TARGET && $HELPERS && __NETBIOS_NS_HELPER )
+ PARAM	DEST	SOURCE	udp	137 ; helper=netbios-ns
+ PARAM	DEST	SOURCE	udp	138:139
+?ELSE
+ PARAM	DEST	SOURCE	udp	137:139
+?ENDIF
+
 PARAM	DEST	SOURCE	udp	1024:	137
 PARAM	DEST	SOURCE	tcp	135,139,445
--- a/Shorewall/Macros/macro.SNMP
+++ b/Shorewall/Macros/macro.SNMP
@ -8,5 +8,12 @@
 ###############################################################################
 #ACTION	SOURCE	DEST	PROTO	DEST	SOURCE	RATE	USER/
 #				PORT(S)	PORT(S)	LIMIT	GROUP
-PARAM	-	-	udp	161:162
+
+?IF ( __CT_TARGET && $HELPERS && __SNMP_HELPER )
+ PARAM	-	-  	udp     161 ; helper=snmp
+ PARAM	-	-	udp	162
+?ELSE
+ PARAM	-	-	udp	161:162
+?ENDIF
+
 PARAM	-	-	tcp	161
--- a/Shorewall/Macros/macro.TFTP
+++ b/Shorewall/Macros/macro.TFTP
@ -10,4 +10,9 @@
 ###############################################################################
 #ACTION	SOURCE	DEST	PROTO	DEST	SOURCE	RATE	USER/
 #				PORT(S)	PORT(S)	LIMIT	GROUP
-PARAM	-	-	udp	69
+
+?IF ( __CT_TARGET && $HELPERS && __TFTP_HELPER )
+ PARAM	-	-	udp	69 ; helper=tftp
+?ELSE
+ PARAM	-	-	udp	69
+?ENDIF