extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-26 17:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

new samples for the upcoming 2.6 release

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2528 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
judas_iscariote 2005-08-21 21:10:15 +00:00
parent bd44195ee7
commit d6da8fb9d5
2 changed files with 13 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Samples/two-interfaces/interfaces
View File

@ -187,6 +187,6 @@
# #
############################################################################## ##############################################################################
#ZONE INTERFACE BROADCAST OPTIONS #ZONE INTERFACE BROADCAST OPTIONS
net eth0 detect dhcp,routefilter,norfc1918,tcpflags net eth0 detect dhcp,tcpflags,norfc1918,routefilter,nosmurfs,logmartians
loc eth1 detect tcpflags loc eth1 detect tcpflags,detectnets
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

17
Samples/two-interfaces/rules
View File

@ -340,17 +340,22 @@
# #
# Accept DNS connections from the firewall to the network # Accept DNS connections from the firewall to the network
# #
ACCEPT fw net tcp 53 DNS/ACCEPT fw net
ACCEPT fw net udp 53
# #
# Accept SSH connections from the local network for administration # Accept SSH connections from the local network for administration
# #
ACCEPT loc fw tcp 22 SSH/ACCEPT loc net
# #
# Allow Ping To And From Firewall # Allow Ping from the local network
# #
ACCEPT loc fw icmp 8 Ping/ACCEPT loc fw
ACCEPT net fw icmp 8
#
# Reject Ping from the "bad" net zone.. and prevent your log from being flooded..
#
Ping/REJECT:none! net fw
ACCEPT fw loc icmp ACCEPT fw loc icmp
ACCEPT fw net icmp ACCEPT fw net icmp
# #