diff --git a/Shorewall-common/macro.AllowICMPs b/Shorewall-common/macro.AllowICMPs index 6789b7b11..9000e8511 100644 --- a/Shorewall-common/macro.AllowICMPs +++ b/Shorewall-common/macro.AllowICMPs @@ -6,11 +6,8 @@ # This macro ACCEPTs needed ICMP types # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Needed ICMP types - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP ACCEPT - - icmp fragmentation-needed ACCEPT - - icmp time-exceeded #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Amanda b/Shorewall-common/macro.Amanda index 60a6a1ba4..8a79c6067 100644 --- a/Shorewall-common/macro.Amanda +++ b/Shorewall-common/macro.Amanda @@ -8,11 +8,8 @@ # files from those nodes. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Amanda - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 10080 # # You may also need this rule. With AMANDA 2.4.4 on Linux kernel 2.6, diff --git a/Shorewall-common/macro.Auth b/Shorewall-common/macro.Auth index 07de910e8..b633d63c0 100644 --- a/Shorewall-common/macro.Auth +++ b/Shorewall-common/macro.Auth @@ -6,10 +6,7 @@ # This macro handles Auth (identd) traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Auth - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 113 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.BitTorrent b/Shorewall-common/macro.BitTorrent index 2524f64dc..14a0a5fed 100644 --- a/Shorewall-common/macro.BitTorrent +++ b/Shorewall-common/macro.BitTorrent @@ -6,11 +6,8 @@ # This macro handles BitTorrent traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT BitTorrent - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 6881:6889 # # It may also be necessary to allow UDP traffic: diff --git a/Shorewall-common/macro.CVS b/Shorewall-common/macro.CVS index d3c4ee20b..386c8c39b 100644 --- a/Shorewall-common/macro.CVS +++ b/Shorewall-common/macro.CVS @@ -6,10 +6,7 @@ # This macro handles connections to the CVS pserver. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT CVS - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 2401 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.DNS b/Shorewall-common/macro.DNS index 94c8081eb..584481e84 100644 --- a/Shorewall-common/macro.DNS +++ b/Shorewall-common/macro.DNS @@ -6,11 +6,8 @@ # This macro handles DNS traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT DNS - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 53 PARAM - - tcp 53 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Distcc b/Shorewall-common/macro.Distcc index 7bfe9c219..95ac70615 100644 --- a/Shorewall-common/macro.Distcc +++ b/Shorewall-common/macro.Distcc @@ -6,7 +6,7 @@ # This macro handles connections to the Distributed Compiler service. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 3632 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Drop b/Shorewall-common/macro.Drop index a234ebf97..8a6520ef9 100644 --- a/Shorewall-common/macro.Drop +++ b/Shorewall-common/macro.Drop @@ -11,8 +11,8 @@ # Drop net all # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP # # Don't log 'auth' REJECT # diff --git a/Shorewall-common/macro.DropDNSrep b/Shorewall-common/macro.DropDNSrep index cab7f6584..6e854079f 100644 --- a/Shorewall-common/macro.DropDNSrep +++ b/Shorewall-common/macro.DropDNSrep @@ -6,10 +6,7 @@ # This macro silently drops DNS UDP replies # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Late DNS Replies - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP DROP - - udp - 53 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.DropUPnP b/Shorewall-common/macro.DropUPnP index a2e5c3bb9..1bed9cf5a 100644 --- a/Shorewall-common/macro.DropUPnP +++ b/Shorewall-common/macro.DropUPnP @@ -6,10 +6,7 @@ # This macro silently drops UPnP probes on UDP port 1900 # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT UPPnP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP DROP - - udp 1900 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Edonkey b/Shorewall-common/macro.Edonkey index e5ed90693..9d7264f57 100644 --- a/Shorewall-common/macro.Edonkey +++ b/Shorewall-common/macro.Edonkey @@ -28,11 +28,8 @@ # applications such as aMule WebServer or aMuleCMD. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Edonkey - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 4662 PARAM - - udp 4665 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.FTP b/Shorewall-common/macro.FTP index 596d4e81d..997b78615 100644 --- a/Shorewall-common/macro.FTP +++ b/Shorewall-common/macro.FTP @@ -6,10 +6,7 @@ # This macro handles FTP traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT FTP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 21 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Finger b/Shorewall-common/macro.Finger index 6dc90c87c..f180ecfb2 100644 --- a/Shorewall-common/macro.Finger +++ b/Shorewall-common/macro.Finger @@ -7,10 +7,7 @@ # your finger information to internet. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Finger - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 79 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.GRE b/Shorewall-common/macro.GRE index cbb4adda9..3f0f6b2f6 100644 --- a/Shorewall-common/macro.GRE +++ b/Shorewall-common/macro.GRE @@ -3,14 +3,12 @@ # # /usr/share/shorewall/macro.GRE # -# This macro (bi-directional) handles Generic Routing Encapsulation traffic (RFC 1701) +# This macro (bi-directional) handles Generic Routing Encapsulation +# traffic (RFC 1701) # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT GRE - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - 47 # GRE PARAM DEST SOURCE 47 # GRE #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Gnutella b/Shorewall-common/macro.Gnutella index 64a456273..4ec5718af 100644 --- a/Shorewall-common/macro.Gnutella +++ b/Shorewall-common/macro.Gnutella @@ -6,11 +6,8 @@ # This macro handles Gnutella traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Gnutella - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 6346 PARAM - - udp 6346 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.HTTP b/Shorewall-common/macro.HTTP index b8d7dc6cb..798b6bc94 100644 --- a/Shorewall-common/macro.HTTP +++ b/Shorewall-common/macro.HTTP @@ -6,10 +6,7 @@ # This macro handles plaintext HTTP (WWW) traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT HTTP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 80 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.HTTPS b/Shorewall-common/macro.HTTPS index 7f00f547e..af75c782f 100644 --- a/Shorewall-common/macro.HTTPS +++ b/Shorewall-common/macro.HTTPS @@ -6,10 +6,7 @@ # This macro handles HTTPS (WWW over SSL) traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT HTTPS - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 443 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.ICQ b/Shorewall-common/macro.ICQ index 1e62beeca..65d69748e 100644 --- a/Shorewall-common/macro.ICQ +++ b/Shorewall-common/macro.ICQ @@ -6,10 +6,7 @@ # This macro handles ICQ, now called AOL Instant Messenger (or AIM). # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT ICQ - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 5190 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.IMAP b/Shorewall-common/macro.IMAP index be6d172f2..f9da86963 100644 --- a/Shorewall-common/macro.IMAP +++ b/Shorewall-common/macro.IMAP @@ -7,10 +7,7 @@ # see macro.IMAPS. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT IMAP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 143 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.IMAPS b/Shorewall-common/macro.IMAPS index d8d560332..f3f1f14eb 100644 --- a/Shorewall-common/macro.IMAPS +++ b/Shorewall-common/macro.IMAPS @@ -7,10 +7,7 @@ # (not recommended), see macro.IMAP. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT IMAPS - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 993 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.IPIP b/Shorewall-common/macro.IPIP index 384fbb03d..3f1caf089 100644 --- a/Shorewall-common/macro.IPIP +++ b/Shorewall-common/macro.IPIP @@ -6,11 +6,8 @@ # This macro (bidirectional) handles IPIP capsulation traffic # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT IPIP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - 94 # IPIP PARAM DEST SOURCE 94 # IPIP #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.IPP b/Shorewall-common/macro.IPP index 2ab82f288..9486ac824 100644 --- a/Shorewall-common/macro.IPP +++ b/Shorewall-common/macro.IPP @@ -6,10 +6,7 @@ # This macro handles Internet Printing Protocol (IPP). # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT IPP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 631 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.IPPserver b/Shorewall-common/macro.IPPserver index 019472031..cd91202c9 100644 --- a/Shorewall-common/macro.IPPserver +++ b/Shorewall-common/macro.IPPserver @@ -23,11 +23,8 @@ # IPPserver/ACCEPT $FW loc # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT IPPServer - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM SOURCE DEST tcp 631 PARAM DEST SOURCE udp 631 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.IPsec b/Shorewall-common/macro.IPsec index 8fd55e06d..2819d7e74 100644 --- a/Shorewall-common/macro.IPsec +++ b/Shorewall-common/macro.IPsec @@ -6,11 +6,8 @@ # This macro (bidirectional) handles IPsec traffic # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT IPsec - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 500 500 # IKE PARAM - - 50 # ESP PARAM DEST SOURCE udp 500 500 # IKE diff --git a/Shorewall-common/macro.IPsecah b/Shorewall-common/macro.IPsecah index 5a6a0554d..a6ca61523 100644 --- a/Shorewall-common/macro.IPsecah +++ b/Shorewall-common/macro.IPsecah @@ -7,11 +7,8 @@ # This is insecure. You should use ESP with encryption for security. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT IPsecah - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 500 500 # IKE PARAM - - 51 # AH PARAM DEST SOURCE udp 500 500 # IKE diff --git a/Shorewall-common/macro.IPsecnat b/Shorewall-common/macro.IPsecnat index 257d97ab1..9212d97c5 100644 --- a/Shorewall-common/macro.IPsecnat +++ b/Shorewall-common/macro.IPsecnat @@ -6,11 +6,8 @@ # This macro (bidirectional) handles IPsec traffic and Nat-Traversal # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT IPsecnat - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 500 # IKE PARAM - - udp 4500 # NAT-T PARAM - - 50 # ESP diff --git a/Shorewall-common/macro.JabberPlain b/Shorewall-common/macro.JabberPlain index a255b271b..c7a5ce5d7 100644 --- a/Shorewall-common/macro.JabberPlain +++ b/Shorewall-common/macro.JabberPlain @@ -6,10 +6,7 @@ # This macro accepts Jabber traffic (plaintext). # ############################################################################### -#TARGET SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Jabber - +#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 5222 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.JabberSecure b/Shorewall-common/macro.JabberSecure index c13871cbe..7e10c0abf 100644 --- a/Shorewall-common/macro.JabberSecure +++ b/Shorewall-common/macro.JabberSecure @@ -6,10 +6,7 @@ # This macro accepts Jabber traffic (ssl). # ############################################################################### -#TARGET SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT JabberSecure - +#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 5223 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Jabberd b/Shorewall-common/macro.Jabberd index f365b9af2..0be954292 100644 --- a/Shorewall-common/macro.Jabberd +++ b/Shorewall-common/macro.Jabberd @@ -6,10 +6,7 @@ # This macro accepts Jabberd intercommunication traffic # ############################################################################### -#TARGET SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Jabberd - +#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 5269 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Jetdirect b/Shorewall-common/macro.Jetdirect index 849658f51..c505b262f 100644 --- a/Shorewall-common/macro.Jetdirect +++ b/Shorewall-common/macro.Jetdirect @@ -6,10 +6,7 @@ # This macro handles HP Jetdirect printing. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT JetDirect - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 9100 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.L2TP b/Shorewall-common/macro.L2TP index a4d8224e3..64afee142 100644 --- a/Shorewall-common/macro.L2TP +++ b/Shorewall-common/macro.L2TP @@ -3,14 +3,12 @@ # # /usr/share/shorewall/macro.L2TP # -# This macro (bidirectional) handles Layer 2 Tunneling Protocol traffic (RFC 2661) +# This macro (bidirectional) handles Layer 2 Tunneling Protocol traffic +# (RFC 2661) # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT L2TP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 1701 # L2TP PARAM DEST SOURCE udp 1701 # L2TP #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.LDAP b/Shorewall-common/macro.LDAP index a52a9e804..ba5710172 100644 --- a/Shorewall-common/macro.LDAP +++ b/Shorewall-common/macro.LDAP @@ -11,10 +11,7 @@ # Consult your LDAP server documentation for details. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT LDAP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 389 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.LDAPS b/Shorewall-common/macro.LDAPS index ea97082eb..bcaf2de91 100644 --- a/Shorewall-common/macro.LDAPS +++ b/Shorewall-common/macro.LDAPS @@ -11,10 +11,7 @@ # Consult your LDAP server documentation for details. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT LDAPS - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 636 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.MySQL b/Shorewall-common/macro.MySQL index f3d21a3eb..1e438d97c 100644 --- a/Shorewall-common/macro.MySQL +++ b/Shorewall-common/macro.MySQL @@ -6,10 +6,7 @@ # This macro handles connections to the MySQL server. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT MySQL - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 3306 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.NNTP b/Shorewall-common/macro.NNTP index 4d2cfbf9f..3bfc76283 100644 --- a/Shorewall-common/macro.NNTP +++ b/Shorewall-common/macro.NNTP @@ -7,10 +7,7 @@ # encrypted NNTP, see macro.NNTPS. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT NNTP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 119 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.NNTPS b/Shorewall-common/macro.NNTPS index e35dfe196..25fef49d8 100644 --- a/Shorewall-common/macro.NNTPS +++ b/Shorewall-common/macro.NNTPS @@ -7,10 +7,7 @@ # plaintext NNTP, see macro.NNTP. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT NNTPS - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 563 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.NTP b/Shorewall-common/macro.NTP index 67a67012e..6ff0a350e 100644 --- a/Shorewall-common/macro.NTP +++ b/Shorewall-common/macro.NTP @@ -7,10 +7,7 @@ # For broadcast NTP traffic, use NTPbrd Macro. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT NTP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 123 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.NTPbrd b/Shorewall-common/macro.NTPbrd index a7df30e30..63b110add 100644 --- a/Shorewall-common/macro.NTPbrd +++ b/Shorewall-common/macro.NTPbrd @@ -11,11 +11,8 @@ # Netfilter doesn't track connections for broadcast traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT NTPbrd - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 123 PARAM - - udp 1024: 123 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.PCA b/Shorewall-common/macro.PCA index 078490448..1518af059 100644 --- a/Shorewall-common/macro.PCA +++ b/Shorewall-common/macro.PCA @@ -6,11 +6,8 @@ # This macro handles PCAnywere (tm) # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT PCAnywhere - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 5632 PARAM - - tcp 5631 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.POP3 b/Shorewall-common/macro.POP3 index f049643d5..b0acab21d 100644 --- a/Shorewall-common/macro.POP3 +++ b/Shorewall-common/macro.POP3 @@ -7,10 +7,7 @@ # see macro.POP3S. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT POP3 - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 110 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.POP3S b/Shorewall-common/macro.POP3S index 909d2836f..fd9c26097 100644 --- a/Shorewall-common/macro.POP3S +++ b/Shorewall-common/macro.POP3S @@ -7,10 +7,7 @@ # see macro.POP3. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT POP3S - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 995 # Secure POP3 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Ping b/Shorewall-common/macro.Ping index 966d38e3b..dad8b3a9a 100644 --- a/Shorewall-common/macro.Ping +++ b/Shorewall-common/macro.Ping @@ -6,10 +6,7 @@ # This macro handles 'ping' requests. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Ping - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - icmp 8 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.PostgreSQL b/Shorewall-common/macro.PostgreSQL index 621c41c68..2c4a4cab1 100644 --- a/Shorewall-common/macro.PostgreSQL +++ b/Shorewall-common/macro.PostgreSQL @@ -6,10 +6,7 @@ # This macro handles connections to the PostgreSQL server. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT PostgreSQL - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 5432 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Printer b/Shorewall-common/macro.Printer index a43a86b99..8c28ed8df 100644 --- a/Shorewall-common/macro.Printer +++ b/Shorewall-common/macro.Printer @@ -6,10 +6,7 @@ # This macro handles Line Printer protocol printing. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Printer - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 515 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.RDP b/Shorewall-common/macro.RDP index 95bac0c4d..fbbd8254e 100644 --- a/Shorewall-common/macro.RDP +++ b/Shorewall-common/macro.RDP @@ -6,10 +6,7 @@ # This macro handles Microsoft RDP (Remote Desktop) traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Remote Desktop - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 3389 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Rdate b/Shorewall-common/macro.Rdate index 1a7da4d89..500873ed0 100644 --- a/Shorewall-common/macro.Rdate +++ b/Shorewall-common/macro.Rdate @@ -10,10 +10,7 @@ # use Time macro instead. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Rdate - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 37 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Reject b/Shorewall-common/macro.Reject index 78efe9cfa..f44ed506b 100644 --- a/Shorewall-common/macro.Reject +++ b/Shorewall-common/macro.Reject @@ -12,8 +12,8 @@ # # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP # # Don't log 'auth' REJECT # diff --git a/Shorewall-common/macro.Rsync b/Shorewall-common/macro.Rsync index 889cb93cc..530358b96 100644 --- a/Shorewall-common/macro.Rsync +++ b/Shorewall-common/macro.Rsync @@ -6,10 +6,7 @@ # This macro handles connections to the rsync server. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Rsync - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 873 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.SMB b/Shorewall-common/macro.SMB index 40fffa9da..e4166c351 100644 --- a/Shorewall-common/macro.SMB +++ b/Shorewall-common/macro.SMB @@ -10,11 +10,8 @@ # between hosts you fully trust. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT SMB - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 135,445 PARAM - - udp 137:139 PARAM - - udp 1024: 137 diff --git a/Shorewall-common/macro.SMBBI b/Shorewall-common/macro.SMBBI index 07c2b9f05..04e91e7c9 100644 --- a/Shorewall-common/macro.SMBBI +++ b/Shorewall-common/macro.SMBBI @@ -10,11 +10,8 @@ # allow SMB traffic between hosts you fully trust. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT SMBBI - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 135,445 PARAM - - udp 137:139 PARAM - - udp 1024: 137 diff --git a/Shorewall-common/macro.SMBswat b/Shorewall-common/macro.SMBswat index e7797fda5..d63805518 100644 --- a/Shorewall-common/macro.SMBswat +++ b/Shorewall-common/macro.SMBswat @@ -7,10 +7,7 @@ # (SWAT). # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Swat - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 901 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.SMTP b/Shorewall-common/macro.SMTP index 140e8eb90..b8782315d 100644 --- a/Shorewall-common/macro.SMTP +++ b/Shorewall-common/macro.SMTP @@ -14,10 +14,7 @@ # the POP3 or IMAP macros. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT SMTP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 25 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.SMTPS b/Shorewall-common/macro.SMTPS index 703dec2c1..e2f188243 100644 --- a/Shorewall-common/macro.SMTPS +++ b/Shorewall-common/macro.SMTPS @@ -11,10 +11,7 @@ # the POP3(S) or IMAP(S) macros. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT SMTPS - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 465 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.SNMP b/Shorewall-common/macro.SNMP index 094cf224d..0959e4fbb 100644 --- a/Shorewall-common/macro.SNMP +++ b/Shorewall-common/macro.SNMP @@ -6,11 +6,8 @@ # This macro handles SNMP traffic (including traps). # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT SNMP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 161:162 PARAM - - tcp 161 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.SPAMD b/Shorewall-common/macro.SPAMD index 262fe24b8..258c6d14c 100644 --- a/Shorewall-common/macro.SPAMD +++ b/Shorewall-common/macro.SPAMD @@ -6,9 +6,7 @@ # This macro handles Spam Assassin SPAMD traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP -COMMENT Spamd - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 783 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.SSH b/Shorewall-common/macro.SSH index f9f40b24a..2bde98249 100644 --- a/Shorewall-common/macro.SSH +++ b/Shorewall-common/macro.SSH @@ -6,10 +6,7 @@ # This macro handles secure shell (SSH) traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT SSH - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 22 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.SVN b/Shorewall-common/macro.SVN index 5c364189e..aa5e52a00 100644 --- a/Shorewall-common/macro.SVN +++ b/Shorewall-common/macro.SVN @@ -7,10 +7,7 @@ # # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Subversion - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 3690 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.SixXS b/Shorewall-common/macro.SixXS index e923e3d5c..657e75f43 100644 --- a/Shorewall-common/macro.SixXS +++ b/Shorewall-common/macro.SixXS @@ -6,15 +6,20 @@ # This macro handles SixXS -- An IPv6 Deployment and Tunnel Broker # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT SixXS - -PARAM - - tcp 3874 # Used for retrieving the tunnel information (eg by AICCU) -PARAM - - udp 3740 # Used for signaling where the current IPv4 endpoint - # of the tunnel is and that it is alive -PARAM - - 41 # Used for tunneling IPv6 over IPv4 (static + heartbeat tunnels) -PARAM - - udp 5072,8374 # Used for tunneling IPv6 over IPv4 (AYIYA - # tunnels)(5072 is official port, 8374 is used in the beta) +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP +# +# Used for retrieving the tunnel information (eg by AICCU) +PARAM - - tcp 3874 +# +# Used for signaling where the current IPv4 endpoint +# of the tunnel is and that it is alive +PARAM - - udp 3740 +# +# Used for tunneling IPv6 over IPv4 (static + heartbeat tunnels) +PARAM - - 41 +# +# Used for tunneling IPv6 over IPv4 (AYIYA +# tunnels)(5072 is official port, 8374 is used in the beta) +PARAM - - udp 5072,8374 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Submission b/Shorewall-common/macro.Submission index 19a5629c5..4f9e1e2ce 100644 --- a/Shorewall-common/macro.Submission +++ b/Shorewall-common/macro.Submission @@ -6,10 +6,7 @@ # This macro handles mail message submission traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Submission - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 587 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Syslog b/Shorewall-common/macro.Syslog index f46c77a66..9efc6443e 100644 --- a/Shorewall-common/macro.Syslog +++ b/Shorewall-common/macro.Syslog @@ -6,10 +6,7 @@ # This macro handles syslog UDP traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Syslog - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 514 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.TFTP b/Shorewall-common/macro.TFTP index e5659c983..70f2c0980 100644 --- a/Shorewall-common/macro.TFTP +++ b/Shorewall-common/macro.TFTP @@ -8,10 +8,7 @@ # Internet. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT TFTP - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 69 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Telnet b/Shorewall-common/macro.Telnet index 3e72a8d6f..da87b2001 100644 --- a/Shorewall-common/macro.Telnet +++ b/Shorewall-common/macro.Telnet @@ -7,10 +7,7 @@ # internet, telnet is inappropriate; use SSH instead # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Telnet - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 23 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Telnets b/Shorewall-common/macro.Telnets index ec8663ed3..158e9b280 100644 --- a/Shorewall-common/macro.Telnets +++ b/Shorewall-common/macro.Telnets @@ -7,10 +7,7 @@ # For traffic over the internet, SSH might be more practical. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Telnets - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 992 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Time b/Shorewall-common/macro.Time index abb44a766..4bc33d184 100644 --- a/Shorewall-common/macro.Time +++ b/Shorewall-common/macro.Time @@ -8,10 +8,7 @@ # you shouldn't be using this. NTP is a superior alternative. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Time - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 37 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Trcrt b/Shorewall-common/macro.Trcrt index 0a1fe5b37..2d84d1eed 100644 --- a/Shorewall-common/macro.Trcrt +++ b/Shorewall-common/macro.Trcrt @@ -6,11 +6,8 @@ # This macro handles Traceroute (for up to 30 hops). # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Traceroute - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 33434:33524 # UDP Traceroute PARAM - - icmp 8 # ICMP Traceroute #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.VNC b/Shorewall-common/macro.VNC index 5838514e6..92102db5c 100644 --- a/Shorewall-common/macro.VNC +++ b/Shorewall-common/macro.VNC @@ -6,10 +6,7 @@ # This macro handles VNC traffic for VNC display's 0 - 9. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT VNC - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 5900:5909 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.VNCL b/Shorewall-common/macro.VNCL index 23cf73ad3..52b1ffa21 100644 --- a/Shorewall-common/macro.VNCL +++ b/Shorewall-common/macro.VNCL @@ -7,10 +7,7 @@ # mode. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT VNC Listen Mode - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 5500 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Web b/Shorewall-common/macro.Web index 01605d8a4..3d54f800f 100644 --- a/Shorewall-common/macro.Web +++ b/Shorewall-common/macro.Web @@ -8,11 +8,8 @@ # is recommended. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Web - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 80 # HTTP (plaintext) PARAM - - tcp 443 # HTTPS (over SSL) #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Webmin b/Shorewall-common/macro.Webmin index 011d1be49..8ac6d213a 100644 --- a/Shorewall-common/macro.Webmin +++ b/Shorewall-common/macro.Webmin @@ -6,10 +6,7 @@ # This macro handles Webmin traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Webmin - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 10000 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall-common/macro.Whois b/Shorewall-common/macro.Whois index 9498bfc8a..5bc2a0509 100644 --- a/Shorewall-common/macro.Whois +++ b/Shorewall-common/macro.Whois @@ -6,10 +6,7 @@ # This macro handles whois (nicname) traffic. # ############################################################################### -#ACTION SOURCE PROTO DEST SOURCE RATE USER/ -# PORT(S) PORT(S) LIMIT GROUP - -COMMENT Whois - +#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ +# PORT(S) PORT(S) LIMIT GROUP PARAM - - tcp 43 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE