extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-22 15:43:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Change AllowICMPs to an inline action

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>

Conflicts:
	Shorewall/actions.std
This commit is contained in:
Tom Eastep 2017-03-07 11:41:05 -08:00
parent 6019adaae5
commit 5a996cbda7
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
6 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Shorewall/Samples/Universal/shorewall.conf
View File

@ -110,8 +110,8 @@ TC=
############################################################################### ###############################################################################
ACCEPT_DEFAULT=none ACCEPT_DEFAULT=none
BLACKLIST_DEFAULT="Broadcast(DROP),Multicast(DROP),dropNotSyn:$LOG_LEVEL,dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL" BLACKLIST_DEFAULT="Broadcast(DROP),Multicast(DROP),AllowICMPs,dropNotSyn:$LOG_LEVEL,dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL"
DROP_DEFAULT="Broadcast(DROP),Multicast(DROP)" DROP_DEFAULT="Broadcast(DROP),Multicast(DROP),AllowICMPs"
NFQUEUE_DEFAULT=none NFQUEUE_DEFAULT=none
QUEUE_DEFAULT=none QUEUE_DEFAULT=none
REJECT_DEFAULT="Broadcast(DROP),Multicast(DROP)" REJECT_DEFAULT="Broadcast(DROP),Multicast(DROP)"

4
Shorewall/Samples/one-interface/shorewall.conf
View File

@ -121,8 +121,8 @@ TC=
############################################################################### ###############################################################################
ACCEPT_DEFAULT=none ACCEPT_DEFAULT=none
BLACKLIST_DEFAULT="Broadcast(DROP),Multicast(DROP),dropNotSyn:$LOG_LEVEL,dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL" BLACKLIST_DEFAULT="Broadcast(DROP),Multicast(DROP),AllowICMPs,dropNotSyn:$LOG_LEVEL,dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL"
DROP_DEFAULT="Broadcast(DROP),Multicast(DROP)" DROP_DEFAULT="Broadcast(DROP),Multicast(DROP),AllowICMPs"
NFQUEUE_DEFAULT=none NFQUEUE_DEFAULT=none
QUEUE_DEFAULT=none QUEUE_DEFAULT=none
REJECT_DEFAULT="Broadcast(DROP),Multicast(DROP)" REJECT_DEFAULT="Broadcast(DROP),Multicast(DROP)"

4
Shorewall/Samples/three-interfaces/shorewall.conf
View File

@ -118,8 +118,8 @@ TC=
############################################################################### ###############################################################################
ACCEPT_DEFAULT=none ACCEPT_DEFAULT=none
BLACKLIST_DEFAULT="Broadcast(DROP),Multicast(DROP),dropNotSyn:$LOG_LEVEL,dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL" BLACKLIST_DEFAULT="Broadcast(DROP),Multicast(DROP),AllowICMPs,dropNotSyn:$LOG_LEVEL,dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL"
DROP_DEFAULT="Broadcast(DROP),Multicast(DROP)" DROP_DEFAULT="Broadcast(DROP),Multicast(DROP),AllowICMPs"
NFQUEUE_DEFAULT=none NFQUEUE_DEFAULT=none
QUEUE_DEFAULT=none QUEUE_DEFAULT=none
REJECT_DEFAULT="Broadcast(DROP),Multicast(DROP)" REJECT_DEFAULT="Broadcast(DROP),Multicast(DROP)"

4
Shorewall/Samples/two-interfaces/shorewall.conf
View File

@ -121,8 +121,8 @@ TC=
############################################################################### ###############################################################################
ACCEPT_DEFAULT=none ACCEPT_DEFAULT=none
BLACKLIST_DEFAULT="Broadcast(DROP),Multicast(DROP),dropNotSyn:$LOG_LEVEL,dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL" BLACKLIST_DEFAULT="Broadcast(DROP),Multicast(DROP),AllowICMPs,dropNotSyn:$LOG_LEVEL,dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL"
DROP_DEFAULT="Broadcast(DROP),Multicast(DROP)" DROP_DEFAULT="Broadcast(DROP),Multicast(DROP),AllowICMPs"
NFQUEUE_DEFAULT=none NFQUEUE_DEFAULT=none
QUEUE_DEFAULT=none QUEUE_DEFAULT=none
REJECT_DEFAULT="Broadcast(DROP),Multicast(DROP)" REJECT_DEFAULT="Broadcast(DROP),Multicast(DROP)"

2
Shorewall/actions.std
View File

@ -12,9 +12,9 @@ A_Drop # Audited Default Action for DROP policy
A_REJECT noinline,logjump # Audits then rejects a connection request A_REJECT noinline,logjump # Audits then rejects a connection request
A_REJECT! inline # Audits then rejects a connection request A_REJECT! inline # Audits then rejects a connection request
A_Reject # Audited Default action for REJECT policy A_Reject # Audited Default action for REJECT policy
AllowICMPs inline # Allow Required ICMP packets
allowBcast inline # Silently Allow Broadcast allowBcast inline # Silently Allow Broadcast
allowinUPnP inline # Allow UPnP inbound (to firewall) traffic allowinUPnP inline # Allow UPnP inbound (to firewall) traffic
AllowICMPs inline # Allow Required ICMP packets
allowInvalid inline # Accepts packets in the INVALID conntrack state allowInvalid inline # Accepts packets in the INVALID conntrack state
allowMcast inline # Silently Allow Multicast allowMcast inline # Silently Allow Multicast
AutoBL noinline # Auto-blacklist IPs that exceed thesholds AutoBL noinline # Auto-blacklist IPs that exceed thesholds

4
Shorewall/configfiles/shorewall.conf
View File

@ -110,8 +110,8 @@ TC=
############################################################################### ###############################################################################
ACCEPT_DEFAULT=none ACCEPT_DEFAULT=none
BLACKLIST_DEFAULT="Broadcast(DROP),Multicast(DROP),dropNotSyn:$LOG_LEVEL,dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL" BLACKLIST_DEFAULT="Broadcast(DROP),Multicast(DROP),AllowICMPs,dropNotSyn:$LOG_LEVEL,dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL"
DROP_DEFAULT="Broadcast(DROP),Multicast(DROP)" DROP_DEFAULT="Broadcast(DROP),Multicast(DROP),AllowICMPs"
NFQUEUE_DEFAULT=none NFQUEUE_DEFAULT=none
QUEUE_DEFAULT=none QUEUE_DEFAULT=none
REJECT_DEFAULT="Broadcast(DROP),Multicast(DROP)" REJECT_DEFAULT="Broadcast(DROP),Multicast(DROP)"