shorewall-rfc1918
5
rfc1918
Shorewall file
/usr/share/shorewall/rfc1918
Description
The rfc1918 file determines the handling of connections under the
norfc1918 option in shorewall-interfaces(5). Do not
modify /usr/share/shorewall/rfc1918; if you need to
change norfc1918 handling, then copy
/usr/share/shorewall/rfc1918 to
/etc/shorewall/rfc1918 and modify the copy.
The released version of this file logs and drops packets from the
three address ranges reserved by RFC 1918:
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
The columns in the file are as follows.
SUBNET -
address
Subnet address in CIDR format.
TARGET - {RETURN|DROP|logdrop}
RETURN causes packets to/from
the specified subnet to be processed normally by the applicable
rules and policies.
DROP causes packets from the
specified subnet to be silently dropped.
logdrop causes packets from
the specified subnet to be logged at the level specified by the
RFC1918_LOG_LEVEL option in shorewall.conf(5).
Also, please see the RFC1918_STRICT option in shorewall.conf(5).
FILES
/usr/share/shorewall/rfc1918
/etc/shorewall/rfc1918
See ALSO
shorewall(8), shorewall-accounting(5), shorewall-actions(5),
shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5),
shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5),
shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
shorewall-route_rules(5), shorewall-routestopped(5), shorewall-rules(5),
shorewall.conf(5), shorewall-tcclasses(5), shorewall-tcdevices(5),
shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
shorewall-zones(5)