extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-10 23:58:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add helpers in the macros

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-08-09 07:36:04 -07:00
parent 8f71797a48
commit 2690243e3c
10 changed files with 86 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Shorewall/Macros/macro.Amanda
View File

@ -10,7 +10,13 @@
############################################################################### ###############################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ #ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/
# PORT(S) PORT(S) LIMIT GROUP # PORT(S) PORT(S) LIMIT GROUP
PARAM - - udp 10080
?IF ( __CT_TARGET && $HELPERS && __AMANDA_HELPER )
PARAM - - udp 10080 ; helper=amanda
?ELSE
PARAM - - udp 10080
?ENDIF
PARAM - - tcp 10080 PARAM - - tcp 10080
# #
# You may also need this rule. With AMANDA 2.4.4 on Linux kernel 2.6, # You may also need this rule. With AMANDA 2.4.4 on Linux kernel 2.6,

7
Shorewall/Macros/macro.FTP
View File

@ -8,4 +8,9 @@
############################################################################### ###############################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ #ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/
# PORT(S) PORT(S) LIMIT GROUP # PORT(S) PORT(S) LIMIT GROUP
PARAM - - tcp 21
?IF ( __CT_TARGET && $HELPERS && __FTP_HELPER )
PARAM - - tcp 21 ; helper=ftp
?ELSE
PARAM - - tcp 21
?ENDIF

7
Shorewall/Macros/macro.IRC
View File

@ -8,4 +8,9 @@
############################################################################### ###############################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ #ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/
# PORT(S) PORT(S) LIMIT GROUP # PORT(S) PORT(S) LIMIT GROUP
PARAM - - tcp 6667
?IF ( __CT_TARGET && $HELPERS && __IRC_HELPER )
PARAM - - tcp 6667 ; helper=irc
?ELSE
PARAM - - tcp 6667
?ENDIF

7
Shorewall/Macros/macro.PPtP
View File

@ -10,4 +10,9 @@
# PORT(S) PORT(S) LIMIT GROUP # PORT(S) PORT(S) LIMIT GROUP
PARAM - - 47 PARAM - - 47
PARAM DEST SOURCE 47 PARAM DEST SOURCE 47
PARAM - - tcp 1723
?IF ( __CT_TARGET && $HELPERS && __PPTP_HELPER )
PARAM - - tcp 1723 ; helper=pptp
?ELSE
PARAM - - tcp 1723
?ENDIF

8
Shorewall/Macros/macro.SANE
View File

@ -8,7 +8,13 @@
############################################################################### ###############################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ #ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/
# PORT(S) PORT(S) LIMIT GROUP # PORT(S) PORT(S) LIMIT GROUP
PARAM - - tcp 6566
?IF ( __CT_TARGET && $HELPERS && __SANE_HELPER )
PARAM - - tcp 6566 ; helper=sane
?ELSE
PARAM - - tcp 6566
?ENDIF
# #
# Kernels 2.6.23+ has nf_conntrack_sane module which will handle # Kernels 2.6.23+ has nf_conntrack_sane module which will handle
# sane data connection. # sane data connection.

16
Shorewall/Macros/macro.SIP Normal file
View File

@ -0,0 +1,16 @@
#
# Shorewall version 4 - SIP Macro
#
# /usr/share/shorewall/macro.SIP
#
# This macro handles SIP traffic.
#
###############################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/
# PORT(S) PORT(S) LIMIT GROUP
?IF ( __CT_TARGET && $HELPERS && __SIP_HELPER )
PARAM - - udp 5060 ; helper=sip
?ELSE
PARAM - - udp 5060
?ENDIF

9
Shorewall/Macros/macro.SMB
View File

@ -13,6 +13,13 @@
#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ #ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/
# PORT(S) PORT(S) LIMIT GROUP # PORT(S) PORT(S) LIMIT GROUP
PARAM - - udp 135,445 PARAM - - udp 135,445
PARAM - - udp 137:139
?IF ( __CT_TARGET && $HELPERS && __NETBIOS_NS_HELPER )
PARAM - - udp 137 ; helper=netbios-ns
PARAM - - udp 138:139
?ELSE
PARAM - - udp 137:139
?ENDIF
PARAM - - udp 1024: 137 PARAM - - udp 1024: 137
PARAM - - tcp 135,139,445 PARAM - - tcp 135,139,445

18
Shorewall/Macros/macro.SMBBI
View File

@ -13,10 +13,24 @@
#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ #ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/
# PORT(S) PORT(S) LIMIT GROUP # PORT(S) PORT(S) LIMIT GROUP
PARAM - - udp 135,445 PARAM - - udp 135,445
PARAM - - udp 137:139
?IF ( __CT_TARGET && $HELPERS && __NETBIOS_NS_HELPER )
PARAM - - udp 137 ; helper=netbios-ns
PARAM - - udp 138:139
?ELSE
PARAM - - udp 137:139
?ENDIF
PARAM - - udp 1024: 137 PARAM - - udp 1024: 137
PARAM - - tcp 135,139,445 PARAM - - tcp 135,139,445
PARAM DEST SOURCE udp 135,445 PARAM DEST SOURCE udp 135,445
PARAM DEST SOURCE udp 137:139
?IF ( __CT_TARGET && $HELPERS && __NETBIOS_NS_HELPER )
PARAM DEST SOURCE udp 137 ; helper=netbios-ns
PARAM DEST SOURCE udp 138:139
?ELSE
PARAM DEST SOURCE udp 137:139
?ENDIF
PARAM DEST SOURCE udp 1024: 137 PARAM DEST SOURCE udp 1024: 137
PARAM DEST SOURCE tcp 135,139,445 PARAM DEST SOURCE tcp 135,139,445

9
Shorewall/Macros/macro.SNMP
View File

@ -8,5 +8,12 @@
############################################################################### ###############################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ #ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/
# PORT(S) PORT(S) LIMIT GROUP # PORT(S) PORT(S) LIMIT GROUP
PARAM - - udp 161:162
?IF ( __CT_TARGET && $HELPERS && __SNMP_HELPER )
PARAM - - udp 161 ; helper=snmp
PARAM - - udp 162
?ELSE
PARAM - - udp 161:162
?ENDIF
PARAM - - tcp 161 PARAM - - tcp 161

7
Shorewall/Macros/macro.TFTP
View File

@ -10,4 +10,9 @@
############################################################################### ###############################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ #ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/
# PORT(S) PORT(S) LIMIT GROUP # PORT(S) PORT(S) LIMIT GROUP
PARAM - - udp 69
?IF ( __CT_TARGET && $HELPERS && __TFTP_HELPER )
PARAM - - udp 69 ; helper=tftp
?ELSE
PARAM - - udp 69
?ENDIF