extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-08 16:54:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update blacklist file documentation

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3795 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-04-17 00:37:35 +00:00
parent 0ab2143d68
commit 78fb4c4ffd
1 changed files with 46 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
docs/Documentation.xml
View File

@ -15,7 +15,7 @@
</author> </author>
</authorgroup> </authorgroup>
<pubdate>2006-02-27</pubdate> <pubdate>2006-04-15</pubdate>
<copyright> <copyright>
<year>2001-2006</year> <year>2001-2006</year>
@ -3709,6 +3709,51 @@ all all tcp ftp-data - 8</programlisting
<quote>iptables -h icmp</quote>).</para> <quote>iptables -h icmp</quote>).</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term>OPTIONS</term>
<listitem>
<para>(Optional) A comma-separated list of options. The
currently-supported options are:</para>
<itemizedlist>
<listitem>
<para>routeback - Set up a rule to ACCEPT traffic from these
hosts back to themselves.</para>
</listitem>
<listitem>
<para>source - Allow traffic from these hosts to ANY
destination. Without this option or the 'dest option, only
traffic from this host to other listed hosts (and the firewall)
is allowed. If 'source' is specified then 'routeback' is
redundant.</para>
</listitem>
<listitem>
<para>dest - Allow traffic to these hosts from ANY source.
Without this option or the 'source' option, only traffic from
this host to other listed hosts (and the firewall) is allowed.
If 'dest' is specified then 'routeback' is redundant.</para>
</listitem>
<listitem>
<para>critical - Allow traffic between the firewall and these
hosts throughout '[re]start', 'stop' and 'clear'. Specifying
'critical' on one or more entries will cause your firewall to be
"totally open" for a brief window during each of those
operations.</para>
</listitem>
</itemizedlist>
<note>
<para>The 'source' and 'dest' options work best when used in
conjunction with ADMINISABSENTMINDED=Yes in
/etc/shorewall/shorewall.conf.</para>
</note>
</listitem>
</varlistentry>
</variablelist> </variablelist>
<para>Shorewall also has a <ulink url="blacklisting_support.htm">dynamic <para>Shorewall also has a <ulink url="blacklisting_support.htm">dynamic