shorewall_code/Shorewall/Actions/action.TCPFlags
Tom Eastep 6b4905c2c0
Replace 'tcp' with '6' in action.TCPFlags
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2017-10-20 12:33:36 -07:00

30 lines
743 B
Plaintext

#
# Shorewall -- /usr/share/shorewall/action.TCPFlags
#
# Drop TCPFlags Action
#
# Accepts a single optional parameter:
#
# - = Do not Audit
# audit = Audit dropped packets.
#
###############################################################################
DEFAULTS -
?if passed(@1)
?if @1 eq 'audit'
?set tcpflags_action 'A_DROP'
?else
?error The parameter to TCPFlags must be 'audit' or '-'
?endif
?else
?set tcpflags_action 'DROP'
?endif
$tcpflags_action - - ;;+ -p 6 --tcp-flags ALL FIN,URG,PSH
$tcpflags_action - - ;;+ -p 6 --tcp-flags ALL NONE
$tcpflags_action - - ;;+ -p 6 --tcp-flags SYN,RST SYN,RST
$tcpflags_action - - ;;+ -p 6 --tcp-flags SYN,FIN SYN,FIN
$tcpflags_action - - ;;+ -p 6 --syn --sport 0