From db64cd9a8a1b9eaef62a9afced9f890d27802e1f Mon Sep 17 00:00:00 2001
From: frannie <frannie@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Thu, 13 Mar 2003 01:15:49 +0000
Subject: [PATCH] Removed Common File And Mondified Ping Rules

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@502 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Samples/three-interfaces/rules | 6 ++++--
 Samples/two-interfaces/rules   | 6 +++---
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/Samples/three-interfaces/rules b/Samples/three-interfaces/rules
index 522d5cf4c..4e172a20a 100755
--- a/Samples/three-interfaces/rules
+++ b/Samples/three-interfaces/rules
@@ -249,8 +249,8 @@ ACCEPT	loc		dmz		tcp	22
 ACCEPT	dmz		net		tcp	53
 ACCEPT	dmz		net		udp	53
 #
-#	Make ping work between the DMZ, net and local zone (assumes that the loc->
-#	net policy is ACCEPT).
+#	Make ping work bi-directionally between the dmz, net, Firewall and local zone 
+#	(assumes that the loc-> net policy is ACCEPT).
 #
 ACCEPT	net		fw		icmp	8
 ACCEPT	loc		fw		icmp	8
@@ -258,6 +258,8 @@ ACCEPT	dmz		fw		icmp	8
 ACCEPT	loc		dmz		icmp	8
 ACCEPT	dmz		loc		icmp	8
 ACCEPT	dmz		net		icmp	8
+ACCEPT	fw		loc		icmp	8
+ACCEPT	fw		dmz		icmp	8
 ACCEPT	net		dmz		icmp	8	# Only with Proxy ARP and
 ACCEPT	net		loc		icmp	8 	# static NAT
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
diff --git a/Samples/two-interfaces/rules b/Samples/two-interfaces/rules
index 640ac79d6..597f131bc 100755
--- a/Samples/two-interfaces/rules
+++ b/Samples/two-interfaces/rules
@@ -230,11 +230,11 @@ ACCEPT		fw		net		udp	53
 #
 ACCEPT		loc		fw		tcp	22
 #
-#	Accept Ping Ubiquitously
+#	Allow Ping To And From Firewall
 #
 ACCEPT		loc		fw		icmp	8
 ACCEPT		net		fw		icmp	8
-#
-# 	All ICMP are accepted fw->all
+ACCEPT		fw		loc		icmp	8
+ACCEPT		fw		net		icmp	8
 #
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE