diff --git a/Shorewall2/changelog.txt b/Shorewall2/changelog.txt index 433d44f4e..84c11ccec 100644 --- a/Shorewall2/changelog.txt +++ b/Shorewall2/changelog.txt @@ -33,3 +33,5 @@ Changes since 2.0.3 firewall 10) Port "shorewall status" changes from 2.0.7. + +11) All config files are now empty. \ No newline at end of file diff --git a/Shorewall2/firewall b/Shorewall2/firewall index 8e162be9b..10d1e5b55 100755 --- a/Shorewall2/firewall +++ b/Shorewall2/firewall @@ -2823,7 +2823,7 @@ find_logactionchain() # $1 = Action Name, $2 = Log Level } # -# Read /etc/shorewall/actions and for each defined , pre-process +# Read /etc/shorewall/actions and /usr/share/shorewall/actions.std and for each defined , pre-process # /etc/shorewall/action. # @@ -2941,7 +2941,6 @@ process_actions2() { fi process_action $xaction $xtarget $xclients $xservers $xprotocol $xports $xcports $xratelimit $xuserspec - } log_action() { diff --git a/Shorewall2/policy b/Shorewall2/policy index e32083116..d3c862b38 100644 --- a/Shorewall2/policy +++ b/Shorewall2/policy @@ -76,10 +76,4 @@ ############################################################################### #SOURCE DEST POLICY LOG LIMIT:BURST # LEVEL -loc net ACCEPT -net all DROP info -# -# THE FOLLOWING POLICY MUST BE LAST -# -all all REJECT info #LAST LINE -- DO NOT REMOVE diff --git a/Shorewall2/releasenotes.txt b/Shorewall2/releasenotes.txt index c7d877ad4..c5049f59e 100755 --- a/Shorewall2/releasenotes.txt +++ b/Shorewall2/releasenotes.txt @@ -64,4 +64,10 @@ New Features: you to override the setting of ADD_IP_ALIASES=Yes by following the interface name with ":" but no digit. +4) All configuration files in the Shorewall distribution are now + empty. In particular, the /etc/shorewall/zones, + /etc/shorewall/policy and /etc/shorewall/tos files now have no + active entries. Hopefully this will stop the questions on the + support and development lists regarding why the default entries + are the way they are. diff --git a/Shorewall2/tos b/Shorewall2/tos index c77651475..ff3864449 100755 --- a/Shorewall2/tos +++ b/Shorewall2/tos @@ -43,10 +43,4 @@ # ############################################################################## #SOURCE DEST PROTOCOL SOURCE PORTS DEST PORTS TOS -all all tcp - ssh 16 -all all tcp ssh - 16 -all all tcp - ftp 16 -all all tcp ftp - 16 -all all tcp ftp-data - 8 -all all tcp - ftp-data 8 #LAST LINE -- Add your entries above -- DO NOT REMOVE diff --git a/Shorewall2/zones b/Shorewall2/zones index 18829019f..6dd73259c 100644 --- a/Shorewall2/zones +++ b/Shorewall2/zones @@ -13,7 +13,4 @@ # See http://www.shorewall.net/Documentation.htm#Nested # #ZONE DISPLAY COMMENTS -net Net Internet -loc Local Local networks -dmz DMZ Demilitarized zone #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE