Add links and headers to config files and correct a typo

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2060 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-04-17 14:54:43 +00:00
parent 8de478584e
commit 45dc8ba9da
23 changed files with 60 additions and 2 deletions

View File

@ -11,6 +11,9 @@
# 2. Copy this file to /etc/shorewall/action.<action name> # 2. Copy this file to /etc/shorewall/action.<action name>
# 3. Add the desired rules to that file. # 3. Add the desired rules to that file.
# #
# Please see http://shorewall.net/Actions.html for additional
# information.
#
# Columns are: # Columns are:
# #
# #

View File

@ -8,7 +8,7 @@
# #
# ACTION names should begin with an upper-case letter to # ACTION names should begin with an upper-case letter to
# distinguish them from Shorewall-generated chain names and # distinguish them from Shorewall-generated chain names and
# they must need the requirements of a Netfilter chain. If # they must meet the requirements of a Netfilter chain. If
# you intend to log from the action then the name must be # you intend to log from the action then the name must be
# no longer than 11 character in length. Names must also # no longer than 11 character in length. Names must also
# meet the requirements for a Bourne Shell identifier (must # meet the requirements for a Bourne Shell identifier (must
@ -24,6 +24,9 @@
# If you specify ":DROP", ":REJECT" or ":ACCEPT" on a line by # If you specify ":DROP", ":REJECT" or ":ACCEPT" on a line by
# itself, the associated policy will have no common action. # itself, the associated policy will have no common action.
# #
# Please see http://shorewall.net/Actions.html for additional
# information.
#
#ACTION #ACTION
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE

View File

@ -1,6 +1,8 @@
# #
# Shorewall 2.2 /usr/share/shorewall/actions.std # Shorewall 2.2 /usr/share/shorewall/actions.std
# #
# Please see http://shorewall.net/Actions.html for additional
# information.
# #
# Builtin Actions are: # Builtin Actions are:
# #

View File

@ -38,6 +38,9 @@
# ADDRESS/SUBNET PROTOCOL PORT # ADDRESS/SUBNET PROTOCOL PORT
# 192.0.2.126 udp 53 # 192.0.2.126 udp 53
# #
# Please see http://shorewall.net/blacklisting_support.htm for additional
# information.
#
############################################################################### ###############################################################################
#ADDRESS/SUBNET PROTOCOL PORT #ADDRESS/SUBNET PROTOCOL PORT
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

View File

@ -4,3 +4,5 @@
# Add commands below that you want to be executed after shorewall has # Add commands below that you want to be executed after shorewall has
# cleared any existing Netfilter rules and has enabled existing connections. # cleared any existing Netfilter rules and has enabled existing connections.
# #
# For additional information, see http://shorewall.net/shorewall_extension_scripts.htm
#

View File

@ -15,6 +15,8 @@
# 0.0.0.0/0 is assumed. If your kernel and iptables # 0.0.0.0/0 is assumed. If your kernel and iptables
# include iprange match support then IP address ranges # include iprange match support then IP address ranges
# are also permitted. # are also permitted.
#
# For additional information, see http://shorewall.net/Documentation.htm#ECN
############################################################################## ##############################################################################
#INTERFACE HOST(S) #INTERFACE HOST(S)
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

View File

@ -135,5 +135,7 @@
# /etc/shorewall/ipsec file then you do NOT # /etc/shorewall/ipsec file then you do NOT
# need to specify the 'ipsec' option here. # need to specify the 'ipsec' option here.
# #
# For additional information, see http://shorewall.net/Documentation.htm#Hosts
#
#ZONE HOST(S) OPTIONS #ZONE HOST(S) OPTIONS
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS LINE -- DO NOT REMOVE #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS LINE -- DO NOT REMOVE

View File

@ -4,3 +4,5 @@
# Add commands below that you want to be executed at the beginning of # Add commands below that you want to be executed at the beginning of
# a "shorewall start" or "shorewall restart" command. # a "shorewall start" or "shorewall restart" command.
# #
# For additional information, see http://shorewall.net/shorewall_extension_scripts.htm
#

View File

@ -5,3 +5,5 @@
# "shorewall start" or "shorewall restart" commands at the point where # "shorewall start" or "shorewall restart" commands at the point where
# Shorewall has not yet added any perminent rules to the builtin chains. # Shorewall has not yet added any perminent rules to the builtin chains.
# #
# For additional information, see http://shorewall.net/shorewall_extension_scripts.htm
#

View File

@ -201,6 +201,9 @@
# connections. # connections.
# #
# net ppp0 - # net ppp0 -
#
# For additional information, see http://shorewall.net/Documentation.htm#Interfaces
#
############################################################################## ##############################################################################
#ZONE INTERFACE BROADCAST OPTIONS #ZONE INTERFACE BROADCAST OPTIONS
# #

View File

@ -1,6 +1,11 @@
# #
# Shorewall 2.2 - MAC list file # Shorewall 2.2 - MAC list file
# #
# This file is used to define the MAC addresses and optionally their
# associated IP addresses to be allowed to use the specified interface.
# The feature is enabled by using the maclist option in the interfaces
# or hosts configuration file.
#
# /etc/shorewall/maclist # /etc/shorewall/maclist
# #
# Columns are: # Columns are:
@ -18,6 +23,9 @@
# list of host and/or subnet addresses. If your kernel # list of host and/or subnet addresses. If your kernel
# and iptables have iprange match support then IP # and iptables have iprange match support then IP
# address ranges are also allowed. # address ranges are also allowed.
#
# For additional information, see http://shorewall.net/MAC_Validation.html
#
############################################################################## ##############################################################################
#INTERFACE MAC IP ADDRESSES (Optional) #INTERFACE MAC IP ADDRESSES (Optional)
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE

View File

@ -209,6 +209,8 @@
# #
# THE ORDER OF THE ABOVE TWO RULES IS SIGNIFICANT!!!!! # THE ORDER OF THE ABOVE TWO RULES IS SIGNIFICANT!!!!!
# #
# For additional information, see http://shorewall.net/Documentation.htm#Masq
#
############################################################################### ###############################################################################
#INTERFACE SUBNET ADDRESS PROTO PORT(S) IPSEC #INTERFACE SUBNET ADDRESS PROTO PORT(S) IPSEC
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE

View File

@ -7,6 +7,7 @@
# dependency order. i.e., if M2 depends on M1 then you must load M1 before # dependency order. i.e., if M2 depends on M1 then you must load M1 before
# you load M2. # you load M2.
# #
# For additional information, see http://shorewall.net/Documentation.htm#modules
loadmodule ip_tables loadmodule ip_tables
loadmodule iptable_filter loadmodule iptable_filter

View File

@ -38,6 +38,8 @@
# #
# LOCAL If Yes or yes, NAT will be effective from the firewall # LOCAL If Yes or yes, NAT will be effective from the firewall
# system # system
#
# For additional information, see http://shorewall.net/NAT.htm
############################################################################## ##############################################################################
#EXTERNAL INTERFACE INTERNAL ALL LOCAL #EXTERNAL INTERFACE INTERNAL ALL LOCAL
# INTERFACES # INTERFACES

View File

@ -85,6 +85,7 @@
# # # #
# all all REJECT info # all all REJECT info
# #
# See http://shorewall.net/Documentation.htm#Policy for additional information.
############################################################################### ###############################################################################
#SOURCE DEST POLICY LOG LIMIT:BURST #SOURCE DEST POLICY LOG LIMIT:BURST
# LEVEL # LEVEL

View File

@ -39,6 +39,8 @@
# #
# #ADDRESS INTERFACE EXTERNAL # #ADDRESS INTERFACE EXTERNAL
# 155.186.235.6 eth1 eth0 # 155.186.235.6 eth1 eth0
#
# See http://shorewall.net/ProxyARP.htm for additional information.
############################################################################## ##############################################################################
#ADDRESS INTERFACE EXTERNAL HAVEROUTE PERSISTENT #ADDRESS INTERFACE EXTERNAL HAVEROUTE PERSISTENT
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

View File

@ -31,6 +31,10 @@
# eth2 192.168.1.0/24 # eth2 192.168.1.0/24
# eth0 192.0.2.44 # eth0 192.0.2.44
# br0 - routeback # br0 - routeback
#
# See http://shorewall.net/Documentation.htm#Routestopped and
# http://shorewall.net/starting_and_stopping_shorewall.htm for additional
# information.
############################################################################## ##############################################################################
#INTERFACE HOST(S) OPTIONS #INTERFACE HOST(S) OPTIONS
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

View File

@ -4,3 +4,5 @@
# Add commands below that you want to be executed after shorewall has # Add commands below that you want to be executed after shorewall has
# been started or restarted. # been started or restarted.
# #
# See http://shorewall.net/shorewall_extension_scripts.htm for additional
# information.

View File

@ -11,3 +11,5 @@
# This script should not change the firewall configuration directly but may # This script should not change the firewall configuration directly but may
# do so indirectly by running /sbin/shorewall with the 'nolock' option. # do so indirectly by running /sbin/shorewall with the 'nolock' option.
# #
# See http://shorewall.net/shorewall_extension_scripts.htm for additional
# information.

View File

@ -4,3 +4,5 @@
# Add commands below that you want to be executed at the beginning of a # Add commands below that you want to be executed at the beginning of a
# "shorewall stop" command. # "shorewall stop" command.
# #
# See http://shorewall.net/shorewall_extension_scripts.htm for additional
# information.

View File

@ -4,3 +4,5 @@
# Add commands below that you want to be executed at the completion of a # Add commands below that you want to be executed at the completion of a
# "shorewall stop" command. # "shorewall stop" command.
# #
# See http://shorewall.net/shorewall_extension_scripts.htm for additional
# information.

View File

@ -147,6 +147,8 @@
# testing # testing
# :C Designates a connection mark. If omitted, # :C Designates a connection mark. If omitted,
# the packet mark's value is tested. # the packet mark's value is tested.
#
# See http://shorewall.net/traffic_shaping.htm for additional information.
############################################################################## ##############################################################################
#MARK SOURCE DEST PROTO PORT(S) CLIENT USER TEST #MARK SOURCE DEST PROTO PORT(S) CLIENT USER TEST
# PORT(S) # PORT(S)

View File

@ -108,6 +108,10 @@
# #
# generic:udp:4444 net 4.3.99.124 # generic:udp:4444 net 4.3.99.124
# #
#
# See http://shorewall.net/Documentation.htm#Tunnels for additional information.
#
# TYPE ZONE GATEWAY GATEWAY # TYPE ZONE GATEWAY GATEWAY
# ZONE # ZONE
#
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE