From d6da8fb9d5c23a082e69dace6d5327d5da3e60c0 Mon Sep 17 00:00:00 2001
From: judas_iscariote
Date: Sun, 21 Aug 2005 21:10:15 +0000
Subject: [PATCH] new samples for the upcoming 2.6 release
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2528 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Samples/two-interfaces/interfaces | 4 ++--
 Samples/two-interfaces/rules | 17 +++++++++++------
 2 files changed, 13 insertions(+), 8 deletions(-)
diff --git a/Samples/two-interfaces/interfaces b/Samples/two-interfaces/interfaces
index 09bd960af..5f8d7552b 100755
--- a/Samples/two-interfaces/interfaces
+++ b/Samples/two-interfaces/interfaces
@@ -187,6 +187,6 @@
 #
 ##############################################################################
 #ZONE INTERFACE BROADCAST OPTIONS
-net eth0 detect dhcp,routefilter,norfc1918,tcpflags
-loc eth1 detect tcpflags
+net eth0 detect dhcp,tcpflags,norfc1918,routefilter,nosmurfs,logmartians
+loc eth1 detect tcpflags,detectnets
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
diff --git a/Samples/two-interfaces/rules b/Samples/two-interfaces/rules
index c5f5cdafe..8afc35407 100755
--- a/Samples/two-interfaces/rules
+++ b/Samples/two-interfaces/rules
@@ -340,17 +340,22 @@
 #
 # Accept DNS connections from the firewall to the network
 #
-ACCEPT fw net tcp 53
-ACCEPT fw net udp 53
+DNS/ACCEPT fw net
 #
 # Accept SSH connections from the local network for administration
 #
-ACCEPT loc fw tcp 22
+SSH/ACCEPT loc net
 #
-# Allow Ping To And From Firewall
+# Allow Ping from the local network
 #
-ACCEPT loc fw icmp 8
-ACCEPT net fw icmp 8
+Ping/ACCEPT loc fw
+
+#
+# Reject Ping from the "bad" net zone.. and prevent your log from being flooded..
+#
+
+Ping/REJECT:none! net fw
+
 ACCEPT fw loc icmp
 ACCEPT fw net icmp
 #
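Review bot: `detectnets` is added to the `loc` line of Samples/two-interfaces/interfaces without any comment, although it changes what the zone contains. As I understand the option, `loc` is then limited to the networks routed through eth1 when Shorewall starts, so a host reached through a route added later is outside the zone until a restart. A one-line comment above the entries would help, e.g. `# detectnets: loc = networks routed via eth1 at start; do not set it on the Internet interface`. The added `nosmurfs` and `logmartians` on eth0 are also unexplained in the hunk; their descriptions presumably sit in the file header above line 187, which is outside this hunk.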
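Review bot: The new `SSH/ACCEPT loc net` line in Samples/two-interfaces/rules contradicts the comment above it, "Accept SSH connections from the local network for administration". The rule it replaces was `ACCEPT loc fw tcp 22`, so the destination has moved from `fw` to `net`. Nothing in the hunk still accepts SSH to the firewall itself, which leaves administrative access to whatever the loc-to-fw policy says (the policy file is not part of this patch). If the change of destination is unintended, the line should read `SSH/ACCEPT loc fw`. If it is intended, the comment should be updated to say that outbound SSH from the local network is being allowed.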