mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-23 14:48:51 +01:00
Add Eric Teeter's macro.ActiveDir
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
f0e580347d
commit
bb5151733c
40
Shorewall/Macros/macro.ActiveDir
Normal file
40
Shorewall/Macros/macro.ActiveDir
Normal file
@ -0,0 +1,40 @@
|
||||
#
|
||||
# Shorewall version 4 - Samba 4 Macro
|
||||
#
|
||||
# /usr/share/shorewall/macro.ActiveDir
|
||||
#
|
||||
# This macro handles ports for Samba 4 Active Directory Service
|
||||
#
|
||||
# You can comment out the ports you do not want open
|
||||
#
|
||||
#
|
||||
###############################################################################
|
||||
#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||
# PORT(S) PORT(S) LIMIT GROUP
|
||||
PARAM - - tcp 389 #LDAP services
|
||||
PARAM - - udp 389
|
||||
PARAM - - tcp 636 #LDAP SSL
|
||||
PARAM - - tcp 3268 #LDAP GC
|
||||
PARAM - - tcp 3269 #LDAP GC SSL
|
||||
PARAM - - tcp 88 #Kerberos
|
||||
PARAM - - udp 88
|
||||
|
||||
# Use macro.DNS for DNS sevice
|
||||
|
||||
PARAM - - tcp 445 #Replication, User and Computer Authentication, Group Policy, Trusts
|
||||
PARAM - - udp 445
|
||||
|
||||
# Use macro.SMTP for Mail service
|
||||
|
||||
PARAM - - tcp 135 #RPC, EPM
|
||||
PARAM - - tcp 5722 #RPC, DFSR (SYSVOL)
|
||||
PARAM - - udp 123 #Windows Time
|
||||
PARAM - - tcp 464 #Kerberosb change/set password
|
||||
PARAM - - udp 464
|
||||
PARAM - - udp 138 #DFS, Group Policy
|
||||
PARAM - - tcp 9389 #SOAP
|
||||
PARAM - - tcp 2535 #MADCAP
|
||||
PARAM - - udp 2535
|
||||
PARAM - - udp 137 #NetLogon, NetBIOS Name Resolution
|
||||
PARAM - - tcp 139 #DFSN, NetBIOS Session Service, NetLogon
|
||||
|
Loading…
Reference in New Issue
Block a user