mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-25 07:38:57 +01:00
Enhance routestop changed to allow open source or open destination or both
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2151 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
431aa21697
commit
fd437ec6fd
@ -345,11 +345,18 @@ New Features in version 2.4.0
|
||||
6) Normally when Shorewall is stopped, starting or restarting then
|
||||
connections are allowed from hosts listed in
|
||||
/etc/shorewall/routestopped to the firewall and to other hosts
|
||||
listed in /etc/shorewall/routestopped. A new 'loose' option is
|
||||
added for entries in that file which will cause Shorewall to
|
||||
allow traffic from the host listed in the entry to ANY other
|
||||
host. When 'loose' is specified in an entry, it is unnecessary
|
||||
to also specify 'routeback'.
|
||||
listed in /etc/shorewall/routestopped.
|
||||
|
||||
A new 'source' option is added for entries in that file which will
|
||||
cause Shorewall to allow traffic from the host listed in the entry
|
||||
to ANY other host. When 'source' is specified in an entry, it is
|
||||
unnecessary to also specify 'routeback'.
|
||||
|
||||
Similarly, a new 'dest' option is added which will cause Shorewall
|
||||
to allow traffic to the host listed in the entry from ANY other
|
||||
host. When 'source' is specified in an entry, it is unnecessary to
|
||||
also specify 'routeback'.
|
||||
|
||||
|
||||
|
||||
|
||||
|
@ -25,11 +25,17 @@
|
||||
# routeback - Set up a rule to ACCEPT traffic from
|
||||
# these hosts back to themselves.
|
||||
#
|
||||
# loose - Allow traffic from these hosts to ANY
|
||||
# destination. Without this option, only traffic
|
||||
# from this host to other listed hosts (and the
|
||||
# firewall) is allowed. If 'loose' is specified
|
||||
# then 'routeback' is redundent.
|
||||
# source - Allow traffic from these hosts to ANY
|
||||
# destination. Without this option or the 'dest'
|
||||
# option, only traffic from this host to other
|
||||
# listed hosts (and the firewall) is allowed. If
|
||||
# 'source' is specified then 'routeback' is redundent.
|
||||
#
|
||||
# dest - Allow traffic to these hosts from ANY
|
||||
# source. Without this option or the 'source'
|
||||
# option, only traffic from this host to other
|
||||
# listed hosts (and the firewall) is allowed. If
|
||||
# 'dest' is specified then 'routeback' is redundent.
|
||||
#
|
||||
# Example:
|
||||
#
|
||||
@ -37,7 +43,7 @@
|
||||
# eth2 192.168.1.0/24
|
||||
# eth0 192.0.2.44
|
||||
# br0 - routeback
|
||||
# eth3 - loose
|
||||
# eth3 - source
|
||||
#
|
||||
# See http://shorewall.net/Documentation.htm#Routestopped and
|
||||
# http://shorewall.net/starting_and_stopping_shorewall.htm for additional
|
||||
|
Loading…
Reference in New Issue
Block a user