From d0595fc651f30afd63c4152ca88b6baf2f350937 Mon Sep 17 00:00:00 2001 From: frannie Date: Wed, 12 Nov 2003 00:13:04 +0000 Subject: [PATCH] Updated Comments For 1.4.8 Rule File Changes git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@788 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Samples/one-interface/interfaces | 7 ++++++- Samples/one-interface/policy | 2 +- Samples/one-interface/rules | 7 +++++-- Samples/one-interface/zones | 2 +- Samples/three-interfaces/interfaces | 7 ++++++- Samples/three-interfaces/masq | 2 +- Samples/three-interfaces/policy | 2 +- Samples/three-interfaces/routestopped | 2 +- Samples/three-interfaces/rules | 11 +++++++---- Samples/three-interfaces/zones | 2 +- Samples/two-interfaces/interfaces | 9 ++++++++- Samples/two-interfaces/masq | 2 +- Samples/two-interfaces/policy | 2 +- Samples/two-interfaces/routestopped | 2 +- Samples/two-interfaces/rules | 7 +++++-- Samples/two-interfaces/zones | 2 +- 16 files changed, 47 insertions(+), 21 deletions(-) diff --git a/Samples/one-interface/interfaces b/Samples/one-interface/interfaces index ba728d1fe..cf71dbea9 100755 --- a/Samples/one-interface/interfaces +++ b/Samples/one-interface/interfaces @@ -1,5 +1,5 @@ # -# Shorewall 1.4.7 -- Sample Interface File For One Interface +# Shorewall 1.4.8 -- Sample Interface File For One Interface # # /etc/shorewall/interfaces # @@ -106,6 +106,11 @@ # /etc/shorewall/shorewall.conf. # # This option has no effect if NEWNOTSYN=Yes +# routeback +# If specified, indicates that Shorewall +# should include rules that allow filtering +# traffic arriving on this interface back +# out that same interface. # arp_filter # If specified, this interface will only respond # to ARP who-has requests for IP addresses diff --git a/Samples/one-interface/policy b/Samples/one-interface/policy index 316d50488..d960a07a0 100644 --- a/Samples/one-interface/policy +++ b/Samples/one-interface/policy @@ -1,5 +1,5 @@ # -# Shorewall 1.4.7 -- Sample Policy File For One Interface +# Shorewall 1.4.8 -- Sample Policy File For One Interface # # /etc/shorewall/policy # diff --git a/Samples/one-interface/rules b/Samples/one-interface/rules index 0e2b0f15e..99be56d94 100755 --- a/Samples/one-interface/rules +++ b/Samples/one-interface/rules @@ -1,5 +1,5 @@ # -# Shorewall version 1.4.7 - Sample Rules File For One Interface +# Shorewall version 1.4.8 - Sample Rules File For One Interface # # /etc/shorewall/rules # @@ -16,7 +16,7 @@ # # # ACTION ACCEPT, DROP, REJECT, DNAT, DNAT-, REDIRECT, -# REDIRECT-, CONTINUE or LOG. +# REDIRECT-, CONTINUE, LOG or QUEUE. # # ACCEPT # Allow the connection request @@ -54,6 +54,9 @@ # (those) zones(s). # LOG # Simply log the packet and continue. +# QUEUE +# Queue the packet to a user-space +# application such as p2pwall. # # You may rate-limit the rule by optionally following # ACCEPT, DNAT[-], REDIRECT[-] or LOG with diff --git a/Samples/one-interface/zones b/Samples/one-interface/zones index 5018e5a4b..6002f5d05 100644 --- a/Samples/one-interface/zones +++ b/Samples/one-interface/zones @@ -1,5 +1,5 @@ # -# Shorewall 1.4.7 -- Sample Zone File For One Interface +# Shorewall 1.4.8 -- Sample Zone File For One Interface # /etc/shorewall/zones # # This file determines your network zones. Columns are: diff --git a/Samples/three-interfaces/interfaces b/Samples/three-interfaces/interfaces index 94515ee3c..0b5caeab1 100755 --- a/Samples/three-interfaces/interfaces +++ b/Samples/three-interfaces/interfaces @@ -1,5 +1,5 @@ # -# Shorewall 1.4.7 -- Sample Interface File For Three Interfaces +# Shorewall 1.4.8 -- Sample Interface File For Three Interfaces # # /etc/shorewall/interfaces # @@ -106,6 +106,11 @@ # /etc/shorewall/shorewall.conf. # # This option has no effect if NEWNOTSYN=Yes. +# routeback +# If specified, indicates that Shorewall +# should include rules that allow filtering +# traffic arriving on this interface back +# out that same interface. # arp_filter # If specified, this interface will only respond # to ARP who-has requests for IP addresses diff --git a/Samples/three-interfaces/masq b/Samples/three-interfaces/masq index 6c3f8df7d..543408629 100755 --- a/Samples/three-interfaces/masq +++ b/Samples/three-interfaces/masq @@ -1,5 +1,5 @@ # -# Shorewall 1.4.7 - Sample Masquerade file For Three Interfaces +# Shorewall 1.4.8 - Sample Masquerade file For Three Interfaces # # etc/shorewall/masq # diff --git a/Samples/three-interfaces/policy b/Samples/three-interfaces/policy index df2e79322..e6510fef7 100644 --- a/Samples/three-interfaces/policy +++ b/Samples/three-interfaces/policy @@ -1,5 +1,5 @@ # -# Shorewall 1.4.7 -- Sample Policy File For Three Interfaces +# Shorewall 1.4.8 -- Sample Policy File For Three Interfaces # # /etc/shorewall/policy # diff --git a/Samples/three-interfaces/routestopped b/Samples/three-interfaces/routestopped index 7fb7362ae..b862483b5 100644 --- a/Samples/three-interfaces/routestopped +++ b/Samples/three-interfaces/routestopped @@ -1,6 +1,6 @@ ############################################################################## # -# Shorewall 1.4.7 -- Sample Routestopped File For Three Interfaces. +# Shorewall 1.4.8 -- Sample Routestopped File For Three Interfaces. # # /etc/shorewall/routestopped # diff --git a/Samples/three-interfaces/rules b/Samples/three-interfaces/rules index 9f28f5cd1..354475b8a 100755 --- a/Samples/three-interfaces/rules +++ b/Samples/three-interfaces/rules @@ -1,5 +1,5 @@ # -# Shorewall version 1.4.7 - Sample Rules File For Three Interfaces +# Shorewall version 1.4.8 - Sample Rules File For Three Interfaces # # /etc/shorewall/rules # @@ -16,12 +16,12 @@ # # # ACTION ACCEPT, DROP, REJECT, DNAT, DNAT-, REDIRECT, -# REDIRECT-, CONTINUE or LOG. +# REDIRECT-, CONTINUE, LOG Or QUEUE. # # ACCEPT -# Allow the connection request +# Allow the connection request. # DROP -# Ignore the request +# Ignore the request. # REJECT # Disallow the request and return an # icmp-unreachable or an RST packet. @@ -54,6 +54,9 @@ # (those) zones(s). # LOG # Simply log the packet and continue. +# QUEUE +# Queue the packet to a user-space +# application such as p2pwall. # # You may rate-limit the rule by optionally following # ACCEPT, DNAT[-], REDIRECT[-] or LOG with diff --git a/Samples/three-interfaces/zones b/Samples/three-interfaces/zones index 0bbbe7ad9..026caf30b 100644 --- a/Samples/three-interfaces/zones +++ b/Samples/three-interfaces/zones @@ -1,5 +1,5 @@ # -# Shorewall 1.4.7 -- Sample Zone File For Two Interfaces +# Shorewall 1.4.8 -- Sample Zone File For Two Interfaces # /etc/shorewall/zones # # This file determines your network zones. Columns are: diff --git a/Samples/two-interfaces/interfaces b/Samples/two-interfaces/interfaces index b689a98b8..95fef507c 100755 --- a/Samples/two-interfaces/interfaces +++ b/Samples/two-interfaces/interfaces @@ -1,5 +1,5 @@ # -# Shorewall 1.4.7 -- Sample Interface File For Two Interfaces +# Shorewall 1.4.8 -- Sample Interface File For Two Interfaces # # /etc/shorewall/interfaces # @@ -110,6 +110,13 @@ # /etc/shorewall/shorewall.conf. # # This option has no effect if NEWNOTSYN=Yes. +# +# routeback +# If specified, indicates that Shorewall +# should include rules that allow filtering +# traffic arriving on this interface back +# out that same interface. +# # arp_filter # If specified, this interface will only respond # to ARP who-has requests for IP addresses diff --git a/Samples/two-interfaces/masq b/Samples/two-interfaces/masq index 1c240c026..23ba4534e 100755 --- a/Samples/two-interfaces/masq +++ b/Samples/two-interfaces/masq @@ -1,5 +1,5 @@ # -# Shorewall 1.4.7 - Sample Masquerade file For Two Interfaces +# Shorewall 1.4.8 - Sample Masquerade file For Two Interfaces # # etc/shorewall/masq # diff --git a/Samples/two-interfaces/policy b/Samples/two-interfaces/policy index 6e5df6b1c..3096691e8 100644 --- a/Samples/two-interfaces/policy +++ b/Samples/two-interfaces/policy @@ -1,5 +1,5 @@ # -# Shorewall 1.4.7 -- Sample Policy File For Two Interfaces +# Shorewall 1.4.8 -- Sample Policy File For Two Interfaces # # /etc/shorewall/policy # diff --git a/Samples/two-interfaces/routestopped b/Samples/two-interfaces/routestopped index 0ede19d9f..69ca068be 100644 --- a/Samples/two-interfaces/routestopped +++ b/Samples/two-interfaces/routestopped @@ -1,6 +1,6 @@ ############################################################################## # -# Shorewall 1.4.7 -- Sample Routestopped file for two interfaces. +# Shorewall 1.4.8 -- Sample Routestopped file for two interfaces. # # /etc/shorewall/routestopped # diff --git a/Samples/two-interfaces/rules b/Samples/two-interfaces/rules index d632e4e7b..36ac3e40f 100755 --- a/Samples/two-interfaces/rules +++ b/Samples/two-interfaces/rules @@ -1,5 +1,5 @@ # -# Shorewall version 1.4.7 - Sample Rules File For Two Interfaces +# Shorewall version 1.4.8 - Sample Rules File For Two Interfaces # # /etc/shorewall/rules # @@ -16,7 +16,7 @@ # # # ACTION ACCEPT, DROP, REJECT, DNAT, DNAT-, REDIRECT, -# REDIRECT-, CONTINUE or LOG. +# REDIRECT-, CONTINUE, LOG Or QUEUE. # # ACCEPT # Allow the connection request @@ -54,6 +54,9 @@ # (those) zones(s). # LOG # Simply log the packet and continue. +# QUEUE +# Queue the packet to a user-space +# application such as p2pwall. # # You may rate-limit the rule by optionally following # ACCEPT, DNAT[-], REDIRECT[-] or LOG with diff --git a/Samples/two-interfaces/zones b/Samples/two-interfaces/zones index 5a9ce1462..7439518ad 100644 --- a/Samples/two-interfaces/zones +++ b/Samples/two-interfaces/zones @@ -1,5 +1,5 @@ # -# Shorewall 1.4.7 -- Sample Zone File For Two Interfaces +# Shorewall 1.4.8 -- Sample Zone File For Two Interfaces # /etc/shorewall/zones # # This file determines your network zones. Columns are: