extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-11 08:08:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

Change sample IPv4 default actions

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2017-02-06 13:47:02 -08:00
parent b2553fb008
commit 95ffada759
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
10 changed files with 87 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
Shorewall/Samples/Universal/params Normal file
View File

@ -0,0 +1,15 @@
#
# Shorewall - Sample Params File for universal configuration.
# Copyright (C) 2006-2014 by the Shorewall Team
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# See the file README.txt for further details.
#------------------------------------------------------------------------------------------------------------
# For information on entries in this file, type "man shorewall-params"
######################################################################################################################################################################################################
LOG=info # Change this to change the way in which packets are logged.

6
Shorewall/Samples/Universal/shorewall.conf
View File

@ -108,11 +108,11 @@ TC=
############################################################################### ###############################################################################
ACCEPT_DEFAULT="none" ACCEPT_DEFAULT="none"
BLACKLIST_DEFAULT="Drop" BLACKLIST_DEFAULT="dropBcast,dropInvalid:$LOG,dropNotSyn:$LOG"
DROP_DEFAULT="Drop" DROP_DEFAULT="dropBcast,dropInvalid:$LOG,dropNotSyn:$LOG"
NFQUEUE_DEFAULT="none" NFQUEUE_DEFAULT="none"
QUEUE_DEFAULT="none" QUEUE_DEFAULT="none"
REJECT_DEFAULT="Reject" REJECT_DEFAULT="dropBcast,dropInvalid:$LOG"
############################################################################### ###############################################################################
# R S H / R C P C O M M A N D S # R S H / R C P C O M M A N D S

15
Shorewall/Samples/one-interface/params Normal file
View File

@ -0,0 +1,15 @@
#
# Shorewall - Sample Params File for one-interface configuration.
# Copyright (C) 2006-2014 by the Shorewall Team
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# See the file README.txt for further details.
#------------------------------------------------------------------------------------------------------------
# For information on entries in this file, type "man shorewall-params"
######################################################################################################################################################################################################
LOG=info # Change this to change the way in which packets are logged.

17
Shorewall/Samples/one-interface/shorewall.conf
View File

@ -64,19 +64,19 @@ LOGTAGONLY=No
LOGLIMIT="s:1/sec:10" LOGLIMIT="s:1/sec:10"
MACLIST_LOG_LEVEL=info MACLIST_LOG_LEVEL="$LOG"
RELATED_LOG_LEVEL= RELATED_LOG_LEVEL=
RPFILTER_LOG_LEVEL=info RPFILTER_LOG_LEVEL="$LOG"
SFILTER_LOG_LEVEL=info SFILTER_LOG_LEVEL="$LOG"
SMURF_LOG_LEVEL=info SMURF_LOG_LEVEL="$LOG"
STARTUP_LOG=/var/log/shorewall-init.log STARTUP_LOG=/var/log/shorewall-init.log
TCP_FLAGS_LOG_LEVEL=info TCP_FLAGS_LOG_LEVEL="$LOG"
UNTRACKED_LOG_LEVEL= UNTRACKED_LOG_LEVEL=
@ -100,7 +100,6 @@ LOCKFILE=
MODULESDIR= MODULESDIR=
NFACCT=
PERL=/usr/bin/perl PERL=/usr/bin/perl
@ -119,11 +118,11 @@ TC=
############################################################################### ###############################################################################
ACCEPT_DEFAULT="none" ACCEPT_DEFAULT="none"
BLACKLIST_DEFAULT="Drop" BLACKLIST_DEFAULT="dropBcast,dropInvalid:$LOG,dropNotSyn:$LOG"
DROP_DEFAULT="Drop" DROP_DEFAULT="dropBcast,dropInvalid:$LOG,dropNotSyn:$LOG"
NFQUEUE_DEFAULT="none" NFQUEUE_DEFAULT="none"
QUEUE_DEFAULT="none" QUEUE_DEFAULT="none"
REJECT_DEFAULT="Reject" REJECT_DEFAULT="dropBcast,dropInvalid:$LOG"
############################################################################### ###############################################################################
# R S H / R C P C O M M A N D S # R S H / R C P C O M M A N D S

15
Shorewall/Samples/three-interfaces/params Normal file
View File

@ -0,0 +1,15 @@
#
# Shorewall - Sample Params File for three-interface configuration.
# Copyright (C) 2006-2014 by the Shorewall Team
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# See the file README.txt for further details.
#------------------------------------------------------------------------------------------------------------
# For information on entries in this file, type "man shorewall-params"
######################################################################################################################################################################################################
LOG=info # Change this to change the way in which packets are logged.

6
Shorewall/Samples/three-interfaces/shorewall.conf
View File

@ -116,11 +116,11 @@ TC=
############################################################################### ###############################################################################
ACCEPT_DEFAULT="none" ACCEPT_DEFAULT="none"
BLACKLIST_DEFAULT="Drop" BLACKLIST_DEFAULT="dropBcast,dropInvalid:$LOG,dropNotSyn:$LOG"
DROP_DEFAULT="Drop" DROP_DEFAULT="dropBcast,dropInvalid:$LOG,dropNotSyn:$LOG"
NFQUEUE_DEFAULT="none" NFQUEUE_DEFAULT="none"
QUEUE_DEFAULT="none" QUEUE_DEFAULT="none"
REJECT_DEFAULT="Reject" REJECT_DEFAULT="dropBcast,dropInvalid:$LOG"
############################################################################### ###############################################################################
# R S H / R C P C O M M A N D S # R S H / R C P C O M M A N D S

15
Shorewall/Samples/two-interfaces/params Normal file
View File

@ -0,0 +1,15 @@
#
# Shorewall - Sample Params File for two-interface configuration.
# Copyright (C) 2006-2014 by the Shorewall Team
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# See the file README.txt for further details.
#------------------------------------------------------------------------------------------------------------
# For information on entries in this file, type "man shorewall-params"
######################################################################################################################################################################################################
LOG=info # Change this to change the way in which packets are logged.

6
Shorewall/Samples/two-interfaces/shorewall.conf
View File

@ -119,11 +119,11 @@ TC=
############################################################################### ###############################################################################
ACCEPT_DEFAULT="none" ACCEPT_DEFAULT="none"
BLACKLIST_DEFAULT="Drop" BLACKLIST_DEFAULT="dropBcast,dropInvalid:$LOG,dropNotSyn:$LOG"
DROP_DEFAULT="Drop" DROP_DEFAULT="dropBcast,dropInvalid:$LOG,dropNotSyn:$LOG"
NFQUEUE_DEFAULT="none" NFQUEUE_DEFAULT="none"
QUEUE_DEFAULT="none" QUEUE_DEFAULT="none"
REJECT_DEFAULT="Reject" REJECT_DEFAULT="dropBcast,dropInvalid:$LOG"
############################################################################### ###############################################################################
# R S H / R C P C O M M A N D S # R S H / R C P C O M M A N D S

1
Shorewall/configfiles/params
View File

@ -22,3 +22,4 @@
# net eth0 130.252.100.255 routefilter,norfc1918 # net eth0 130.252.100.255 routefilter,norfc1918
# #
############################################################################### ###############################################################################
LOG=info # Default Log Level

18
Shorewall/configfiles/shorewall.conf
View File

@ -2,7 +2,7 @@
# #
# Shorewall Version 5 -- /etc/shorewall/shorewall.conf # Shorewall Version 5 -- /etc/shorewall/shorewall.conf
# #
# For information about the settings in this file, type "man shorewall.conf" # For $LOGrmation about the settings in this file, type "man shorewall.conf"
# #
# Manpage also online at http://www.shorewall.net/manpages/shorewall.conf.html # Manpage also online at http://www.shorewall.net/manpages/shorewall.conf.html
############################################################################### ###############################################################################
@ -53,19 +53,19 @@ LOGTAGONLY=No
LOGLIMIT="s:1/sec:10" LOGLIMIT="s:1/sec:10"
MACLIST_LOG_LEVEL=info MACLIST_LOG_LEVEL=$LOG
RELATED_LOG_LEVEL= RELATED_LOG_LEVEL=
RPFILTER_LOG_LEVEL=info RPFILTER_LOG_LEVEL=$LOG
SFILTER_LOG_LEVEL=info SFILTER_LOG_LEVEL=$LOG
SMURF_LOG_LEVEL=info SMURF_LOG_LEVEL=$LOG
STARTUP_LOG=/var/log/shorewall-init.log STARTUP_LOG=/var/log/shorewall-init.log
TCP_FLAGS_LOG_LEVEL=info TCP_FLAGS_LOG_LEVEL=$LOG
UNTRACKED_LOG_LEVEL= UNTRACKED_LOG_LEVEL=
@ -108,11 +108,11 @@ TC=
############################################################################### ###############################################################################
ACCEPT_DEFAULT=none ACCEPT_DEFAULT=none
BLACKLIST_DEFAULT=Drop BLACKLIST_DEFAULT=dropBcasts,dropNotSyn:$LOG,dropInvalid:$LOG
DROP_DEFAULT=Drop DROP_DEFAULT=dropBcasts,dropNotSyn:$LOG,dropInvalid:$LOG
NFQUEUE_DEFAULT=none NFQUEUE_DEFAULT=none
QUEUE_DEFAULT=none QUEUE_DEFAULT=none
REJECT_DEFAULT=Reject REJECT_DEFAULT=dropBcasts,dropInvalid:$LOG
############################################################################### ###############################################################################
# R S H / R C P C O M M A N D S # R S H / R C P C O M M A N D S