extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-03 03:59:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update blacklisting article

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2015-10-05 08:18:52 -07:00
parent 89122c0d55
commit 35f33b325f
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/blacklisting_support.xml
View File

@ -49,9 +49,13 @@
<title>Introduction</title> <title>Introduction</title>
<para>Shorewall supports two different types of blackliisting; rule-based, <para>Shorewall supports two different types of blackliisting; rule-based,
static and dynamic. The BLACKLISTNEWONLY option in static and dynamic. The BLACKLIST option in /etc/shorewall/shorewall.conf
/etc/shorewall/shorewall.conf controls the degree of blacklist controls the degree of blacklist filtering.</para>
filtering:</para>
<para>The BLACKLIST option lists the Netfilter connection-tracking states
that blacklist rules are to be applied to (states are NEW, ESTABLISHED,
RELATED, INVALID, NOTRACK). The BLACKLIST option supersedes the
BLACKLISTNEWONLY option:</para>
<orderedlist> <orderedlist>
<listitem> <listitem>