Cleaned up additional rules from Debian package. Got rid of versions

and paths in the header comments, since they're just as likely to be
wrong as not.  Changed all service names to port numbers.  eDonkey is a
big one - i wonder whether it isn't too variable for us to consider
providing a default rule.


git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2395 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/action.AllowAmanda

@@ -1,11 +1,13 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowAmanda
+# Shorewall action.AllowAmanda
 #
-#	This action accepts connections required by the Amanda backup system.
+#	This action accepts connections to the AMANDA backup system.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
-ACCEPT   -              -               udp     amanda
+ACCEPT   -              -               udp     10080
-ACCEPT   -              -               tcp     50000:50100
+# Not sure why this is necessary - using ip_conntrack_amanda along with
+# the above should be sufficient.
+#ACCEPT   -              -               tcp     50000:50100
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

Shorewall/action.AllowBitTorrent

@@ -1,9 +1,9 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowBitTorrent
+# Shorewall action.AllowBitTorrent
 #
 #	This action accepts BitTorrent traffic.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
 ACCEPT   -              -               tcp     6881:6889

Shorewall/action.AllowCVS

@@ -1,9 +1,9 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowCVS
+# Shorewall action.AllowCVS
 #
-#	This action accepts connections required by the CVS server
+#	This action accepts connections to the CVS pserver.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
 ACCEPT   -              -               tcp	2401

Shorewall/action.AllowDistcc

@@ -1,9 +1,10 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowDistcc
+# Shorewall action.AllowDistcc
 #
-#	This action accepts connections required by the Distributed Compiler service
+#	This action accepts connections to the Distributed Compiler
+#	service.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
 ACCEPT   -              -               tcp	3632

Shorewall/action.AllowEdonkey

@@ -1,11 +1,31 @@
 #
-# Shorewall 2.2 /usr/share/shorewall/action.AllowEdonkey
+# Shorewall action.AllowEdonkey
 #
-#	This action accepts Edonkey traffic
+#	This action accepts Edonkey traffic.
 #
 ######################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST    SOURCE	 	RATE	USER/
 #                       	        	PORT    PORT(S)		LIMIT	GROUP
 ACCEPT	 -		-		tcp	4662
 ACCEPT	 -		-		udp	4665
+#
+# http://www.portforward.com/english/routers/port_forwarding/2wire/1000s/eDonkey.htm
+# says to use udp 5737 rather than 4665
+#
+# http://www.amule.org/wiki/index.php/FAQ_ed2k says this:
+# 4661 TCP (outgoing)
+#    Port, on which a server listens for connection (defined by server). 
+#4665 UDP (outgoing)
+#    used for global server searches and global source queries. This is
+#always Server TCP port (in this case 4661) + 4. 
+#4662 TCP (outgoing and incoming)
+#    Client to client transfers. 
+#4672 UDP (outgoing and incoming)
+#    Extended eMule protocol, Queue Rating, File Reask Ping 
+#4711 TCP
+#    WebServer listening port. 
+#4712 TCP
+#    External Connection port. Used to communicate aMule with other
+#applications such as aMule WebServer or aMuleCMD.
+#
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

Shorewall/action.AllowGnutella

@@ -1,7 +1,7 @@
 #
-# Shorewall 2.2 /usr/share/shorewall/action.AllowGnutella
+# Shorewall action.AllowGnutella
 #
-#	This action accepts gnutella traffic
+#	This action accepts gnutella traffic.
 #
 ######################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST    SOURCE	 	RATE	USER/

Shorewall/action.AllowICQ

@@ -1,9 +1,9 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowICQ
+# Shorewall action.AllowICQ
 #
 #	This action accepts ICQ traffic.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
 ACCEPT   -              -               tcp     5190

Shorewall/action.AllowLDAP

@@ -1,10 +1,12 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowLDAP
+# Shorewall action.AllowLDAP
 #
 #	This action accepts LDAP traffic.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
-ACCEPT   -              -               tcp     ldap
+ACCEPT   -              -               tcp     389
+# This is LDAPS - should it be included?
+#ACCEPT   -              -               tcp     636
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

Shorewall/action.AllowMySQL

@@ -1,9 +1,9 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowMySQL
+# Shorewall action.AllowMySQL
 #
-#	This action accepts connections required by the MySQL server
+#	This action accepts connections to the MySQL server.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
 ACCEPT   -              -               tcp	3306

Shorewall/action.AllowPostgreSQL

@@ -1,9 +1,9 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowPostgreSQL
+# Shorewall action.AllowPostgreSQL
 #
-#	This action accepts connections required by the PostgreSQL server
+#	This action accepts connections to the PostgreSQL server.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
 ACCEPT   -              -               tcp	5432

Shorewall/action.AllowRsync

@@ -1,10 +1,10 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowRsync
+# Shorewall action.AllowRsync
 #
-#	This action accepts connections required by the Rsync server
+#	This action accepts connections to the rsync server.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
-ACCEPT   -              -               tcp	rsync
+ACCEPT   -              -               tcp	873
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

Shorewall/action.AllowSMBswat

@@ -1,9 +1,10 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowSMBswat
+# Shorewall action.AllowSMBswat
 #
-#	This action accepts connections required by the Amanda backup system.
+#	This action accepts connections to the Samba Web Administration
+#	Tool (SWAT).
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
 ACCEPT   -              -               tcp     901

Shorewall/action.AllowSPAMD

@@ -1,7 +1,7 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowSPAMD
+# Shorewall action.AllowSPAMD
 #
-#	This action accepts SPAMD traffic.
+#	This action accepts Spam Assassin SPAMD traffic.
 #
 ######################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST    SOURCE	 	RATE	USER/

Shorewall/action.AllowSVN

@@ -1,9 +1,9 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowSVN
+# Shorewall action.AllowSVN
 #
-#	This action accepts connections required by the Subversion server
+#	This action accepts connections to the Subversion server.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
 ACCEPT   -              -               tcp	3690

Shorewall/action.AllowSyslog

@@ -1,10 +1,10 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.AllowSyslog
+# Shorewall action.AllowSyslog
 #
 #	This action accepts syslog UDP traffic.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
-ACCEPT   -              -               udp     syslog
+ACCEPT   -              -               udp     514
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

Shorewall/action.DropEdonkey

@@ -1,12 +1,11 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.DropEdonkey
+# Shorewall action.DropEdonkey
 #
 #	This action silently drops Edonkey Traffic.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
-#                       	        	PORT    PORT(S)		LIMIT	GROUP
 DROP	 -		-		tcp	4662
 DROP	 -		-		udp	4665
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

Shorewall/action.DropGnutella

@@ -1,9 +1,9 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.DropGnutella
+# Shorewall action.DropGnutella
 #
 #	This action silently drops Gnutella traffic.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
 DROP     -              -               tcp     6346

Shorewall/action.DropSMTP

@@ -1,10 +1,10 @@
 #
-# Shorewall 2.0 /etc/shorewall/action.DropSMTP
+# Shorewall action.DropSMTP
 #
 #	This action silently drops SMTP traffic.
 #
-######################################################################################
+################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST		SOURCE	   RATE
 #                       	        	PORT		PORT(S)    LIMIT
-DROP     -              -               tcp     smtp
+DROP     -              -               tcp     25
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE