mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-08 16:54:10 +01:00
89eaf99906
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2403 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
75 lines
2.8 KiB
Plaintext
75 lines
2.8 KiB
Plaintext
#
|
|
# Shorewall 2.4 /usr/share/shorewall/actions.std
|
|
#
|
|
# Please see http://shorewall.net/Actions.html for additional
|
|
# information.
|
|
#
|
|
# Builtin Actions are:
|
|
#
|
|
# allowBcast #Silently Allow Broadcast/multicast
|
|
# dropBcast #Silently Drop Broadcast/multicast
|
|
# dropNotSyn #Silently Drop Non-syn TCP packets
|
|
# rejNotSyn #Silently Reject Non-syn TCP packets
|
|
# dropInvalid #Silently Drop packets that are in the INVALID
|
|
# #conntrack state.
|
|
# allowInvalid #Accept packets that are in the INVALID
|
|
# #conntrack state.
|
|
# allowoutUPnP #Allow traffic from local command 'upnpd'
|
|
# allowinUPnP #Allow UPnP inbound (to firewall) traffic
|
|
# forwardUPnP #Allow traffic that upnpd has redirected from
|
|
# #'upnp' interfaces.
|
|
#
|
|
#ACTION
|
|
|
|
DropSMB #Silently Drops Microsoft SMB Traffic
|
|
RejectSMB #Silently Reject Microsoft SMB Traffic
|
|
DropUPnP #Silently Drop UPnP Probes
|
|
RejectAuth #Silently Reject Auth
|
|
DropPing #Silently Drop Ping
|
|
DropDNSrep #Silently Drop DNS Replies
|
|
DropEdonkey # silently drop edonkey traffic
|
|
DropGnutella # silently drop gnutella traffic
|
|
|
|
AllowPing #Accept Ping
|
|
AllowFTP #Accept FTP
|
|
AllowDNS #Accept DNS
|
|
AllowSSH #Accept SSH
|
|
AllowWeb #Allow Web Browsing
|
|
AllowSMB #Allow MS Networking
|
|
AllowAuth #Allow Auth (identd)
|
|
AllowSMTP #Allow SMTP (Email)
|
|
AllowPOP3 #Allow reading mail via POP3
|
|
AllowICMPs #Allows critical ICMP types
|
|
AllowIMAP #Allow reading mail via IMAP
|
|
AllowTelnet #Allow Telnet Access (not recommended for use over the Internet)
|
|
AllowVNC #Allow VNC viewer->server, Displays 0-9
|
|
AllowVNCL #Allow VNC server->viewer in listening mode
|
|
AllowNTP #Allow Network Time Protocol (ntpd)
|
|
AllowRdate #Allow remote time (rdate).
|
|
AllowNNTP #Allow network news (Usenet).
|
|
AllowTrcrt #Allows Traceroute (20 hops)
|
|
AllowSNMP #Allows SNMP (including traps)
|
|
AllowPCA #Allows PCAnywhere (tm)
|
|
|
|
# Added in Debian Packaging
|
|
AllowSPAMD #Allows SpamAssassin daemon
|
|
AllowSyslog #Allows syslog udp traffic
|
|
AllowAmanda # Allow connections required by the Amanda backup system
|
|
AllowLDAP # accepts LDAP traffic
|
|
AllowICQ # Accepts ICQ traffic
|
|
AllowBitTorrent # Accepts BitTorrent traffic
|
|
AllowSMBswat # Allows Samba Swat
|
|
DropSMTP # silently drops SMTP traffic
|
|
AllowCVS # accept cvs pserver traffic
|
|
AllowSVN # accept Subversion traffic
|
|
AllowMySQL # accept MySQL traffic
|
|
AllowPostgreSQL # accept PostgreSQL traffic
|
|
AllowRsync # accept rsync traffic
|
|
AllowDistcc # accept Distributed Compiler traffic
|
|
AllowEdonkey # accept edonkey traffic
|
|
AllowGnutella # accept edonkey traffic
|
|
|
|
Drop:DROP #Common Action for DROP policy
|
|
Reject:REJECT #Common Action for REJECT policy
|
|
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
|