diff --git a/docs/6to4.xml b/docs/6to4.xml index 612fe4203..8852e93d8 100644 --- a/docs/6to4.xml +++ b/docs/6to4.xml @@ -417,10 +417,8 @@ iface sit1 inet6 v4tunnel Shorewall:
-@@ -455,24 +453,22 @@ ping6 ipv6.chat.eu.freenode.net#TYPE ZONE GATEWAY GATEWAY -# ZONE -6to4 net -#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE + #TYPE ZONE GATEWAY GATEWAY_ZONE +6to4 net
-+ #ZONE TYPE OPTIONS IN OUT -# OPTIONS OPTIONS -fw firewall -net ipv6 -loc ipv6 -dmz ipv6 -#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE #ZONE TYPE OPTIONS IN_OPTIONS OUT_OPTIONS + +fw firewall +net ipv6 +loc ipv6 +dmz ipv6
-+ #ZONE INTERFACE BROADCAST OPTIONS -net sit1 detect tcpflags,forward=1,nosmurfs -loc eth0 detect tcpflags,forward=1 -dmz eth2 detect tcpflags,forward=1 -#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE - #ZONE INTERFACE OPTIONS + +net sit1 tcpflags,forward=1,nosmurfs +loc eth0 tcpflags,forward=1 +dmz eth2 tcpflags,forward=1
-@@ -602,7 +602,7 @@ iface sit1 inet6 v4tunnel ttl 64 post-up echo 1 > /proc/sys/net/ipv6/conf/all/forwarding - +#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK -# PORT PORT(S) DEST LIMIT GROUP + ++Ping(ACCEPT) all all #ACTION SOURCE DEST PROTO DPORT SPORT ORIGINAL RATE USER MARK CONNLIMIT TIME HEADERS SWITCH HELPER + +?SECTION ALL +?SECTION ESTABLISHED +?SECTION RELATED +?SECTION INVALID +?SECTION UNTRACKED +?SECTION NEW +# PORT PORT(S) DEST LIMIT GROUP # # Accept DNS connections from the firewall to the network # @@ -501,11 +504,8 @@ SSH(ACCEPT) loc $FW # # Allow Ping everywhere # -Ping(ACCEPT) all all - -# -#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE -