From c232bb529aec5c5dd4524e85de8d8a5dd1c88702 Mon Sep 17 00:00:00 2001 From: teastep Date: Wed, 21 Apr 2004 21:35:48 +0000 Subject: [PATCH] Add new files git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1282 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- STABLE2/bogons | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++ STABLE2/netmap | 38 ++++++++++++++++++++++++++++++ 2 files changed, 101 insertions(+) create mode 100644 STABLE2/bogons create mode 100644 STABLE2/netmap diff --git a/STABLE2/bogons b/STABLE2/bogons new file mode 100644 index 000000000..a628499bd --- /dev/null +++ b/STABLE2/bogons @@ -0,0 +1,63 @@ +# +# Shorewall 2.0-- Bogons File +# +# /etc/shorewall/bogons +# +# Lists the subnetworks that are blocked by the 'nobogons' interface option. +# +# The default list includes those those ip ADDRESSES listed +# as 'reserved' by the IANA, the DHCP Autoconfig class B, and the class C +# reserved for use in documentation and examples. +# +# DO NOT MODIFY THIS FILE. IF YOU NEED TO MAKE CHANGES, COPY THE FILE +# TO /etc/shorewall AND MODIFY THE COPY. +# +# Columns are: +# +# SUBNET The subnet (host addresses also allowed) +# TARGET Where to send packets to/from this subnet +# RETURN - let the packet be processed normally +# DROP - silently drop the packet +# logdrop - log then drop +# +############################################################################### +#SUBNET TARGET +255.255.255.255 RETURN # We need to allow limited broadcast +169.254.0.0/16 DROP # DHCP autoconfig +192.0.2.0/24 logdrop # Example addresses (RFC 3330) +# +# The following are generated with the help of the Python program found at: +# +# http://www.shorewall.net/pub/shorewall/contrib/iana_reserved/ +# +# The program was contributed by Andy Wiggin +# +0.0.0.0/7 logdrop # Reserved +2.0.0.0/8 logdrop # Reserved +5.0.0.0/8 logdrop # Reserved +7.0.0.0/8 logdrop # Reserved +23.0.0.0/8 logdrop # Reserved +27.0.0.0/8 logdrop # Reserved +31.0.0.0/8 logdrop # Reserved +36.0.0.0/7 logdrop # Reserved +39.0.0.0/8 logdrop # Reserved +41.0.0.0/8 logdrop # Reserved +42.0.0.0/8 logdrop # Reserved +49.0.0.0/8 logdrop # JTC - Returned to IANA Mar 98 +50.0.0.0/8 logdrop # JTC - Returned to IANA Mar 98 +58.0.0.0/7 logdrop # Reserved +70.0.0.0/7 logdrop # Reserved +72.0.0.0/5 logdrop # Reserved +85.0.0.0/8 logdrop # Reserved +86.0.0.0/7 logdrop # Reserved +88.0.0.0/5 logdrop # Reserved +96.0.0.0/3 logdrop # Reserved +127.0.0.0/8 logdrop # Loopback +197.0.0.0/8 logdrop # Reserved +198.18.0.0/15 logdrop # Reserved +223.0.0.0/8 logdrop # Reserved - Returned by APNIC in 2003 +240.0.0.0/4 logdrop # Reserved +# +# End of generated entries +# +#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/STABLE2/netmap b/STABLE2/netmap new file mode 100644 index 000000000..8b57af253 --- /dev/null +++ b/STABLE2/netmap @@ -0,0 +1,38 @@ +############################################################################## +# +# Shorewall 2.0 -- Network Mapping Table +# +# /etc/shorewall/netmap +# +# This file is used to map addresses in one network to corresponding +# addresses in a second network. +# +# WARNING: To use this file, your kernel and iptables must have +# NETMAP support included. +# +# Columns must be separated by white space and are: +# +# TYPE Must be DNAT or SNAT. +# +# If DNAT, traffic entering INTERFACE and addressed to +# NET1 has it's destination address rewritten to the +# corresponding address in NET2. +# +# If SNAT, traffic leaving INTERFACE with a source +# address in NET1 has it's source address rewritten to +# the corresponding address in NET2. +# +# NET1 Network in CIDR format (e.g., 192.168.1.0/24) +# +# INTERFACE The name of a network interface. The interface must +# be defined in /etc/shorewall/interfaces. +# +# NET2 Network in CIDR format +# +# See http://shorewall.net/netmap.html for an example and usage +# information. +# +############################################################################## +#TYPE NET1 INTERFACE NET2 +# +#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE