Enhance routestop changed to allow open source or open destination or both

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2151 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-05-20 22:54:17 +00:00
parent 431aa21697
commit fd437ec6fd
2 changed files with 24 additions and 11 deletions

View File

@ -345,11 +345,18 @@ New Features in version 2.4.0
6) Normally when Shorewall is stopped, starting or restarting then
connections are allowed from hosts listed in
/etc/shorewall/routestopped to the firewall and to other hosts
listed in /etc/shorewall/routestopped. A new 'loose' option is
added for entries in that file which will cause Shorewall to
allow traffic from the host listed in the entry to ANY other
host. When 'loose' is specified in an entry, it is unnecessary
to also specify 'routeback'.
listed in /etc/shorewall/routestopped.
A new 'source' option is added for entries in that file which will
cause Shorewall to allow traffic from the host listed in the entry
to ANY other host. When 'source' is specified in an entry, it is
unnecessary to also specify 'routeback'.
Similarly, a new 'dest' option is added which will cause Shorewall
to allow traffic to the host listed in the entry from ANY other
host. When 'source' is specified in an entry, it is unnecessary to
also specify 'routeback'.

View File

@ -25,11 +25,17 @@
# routeback - Set up a rule to ACCEPT traffic from
# these hosts back to themselves.
#
# loose - Allow traffic from these hosts to ANY
# destination. Without this option, only traffic
# from this host to other listed hosts (and the
# firewall) is allowed. If 'loose' is specified
# then 'routeback' is redundent.
# source - Allow traffic from these hosts to ANY
# destination. Without this option or the 'dest'
# option, only traffic from this host to other
# listed hosts (and the firewall) is allowed. If
# 'source' is specified then 'routeback' is redundent.
#
# dest - Allow traffic to these hosts from ANY
# source. Without this option or the 'source'
# option, only traffic from this host to other
# listed hosts (and the firewall) is allowed. If
# 'dest' is specified then 'routeback' is redundent.
#
# Example:
#
@ -37,7 +43,7 @@
# eth2 192.168.1.0/24
# eth0 192.0.2.44
# br0 - routeback
# eth3 - loose
# eth3 - source
#
# See http://shorewall.net/Documentation.htm#Routestopped and
# http://shorewall.net/starting_and_stopping_shorewall.htm for additional