mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-14 03:34:31 +01:00
44170128c2
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@27 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
52 lines
1.4 KiB
Plaintext
52 lines
1.4 KiB
Plaintext
#
|
|
# Shorewall 1.3 - /etc/shorewall/tunnels
|
|
#
|
|
# This file defines IPSEC, GRE and IPIP tunnels.
|
|
#
|
|
# IPIP and GRE tunnels must be configured on the firewall/gateway itself.
|
|
# IPSEC endpoints may be defined on the firewall/gateway or on an
|
|
# internal system.
|
|
#
|
|
# The columns are:
|
|
#
|
|
# TYPE -- must start in column 1 and be "ipsec", "ip" or "gre"
|
|
#
|
|
# ZONE -- The zone of the physical interface through which
|
|
# tunnel traffic passes. This is normally your internet
|
|
# zone.
|
|
#
|
|
# GATEWAY -- The IP address of the remote tunnel gateway. If the
|
|
# remote getway has no fixed address (Road Warrior)
|
|
# then specify the gateway as 0.0.0.0/0.
|
|
#
|
|
# GATEWAY ZONE-- Optional. If the gateway system specified in the third
|
|
# column is a standalone host then this column should
|
|
# contain the name of the zone that the host is in. This
|
|
# column only applies to IPSEC tunnels.
|
|
#
|
|
# Example 1:
|
|
#
|
|
# IPSec tunnel. The remote gateway is 4.33.99.124 and
|
|
# the remote subnet is 192.168.9.0/24
|
|
#
|
|
# ipsec net 4.33.99.124
|
|
#
|
|
# Example 2:
|
|
#
|
|
# Road Warrior (LapTop that may connect from anywhere)
|
|
# where the "gw" zone is used to represent the remote
|
|
# LapTop.
|
|
#
|
|
# ipsec net 0.0.0.0/0 gw
|
|
#
|
|
# Example 3:
|
|
#
|
|
# Host 4.33.99.124 is a standalone system connected
|
|
# via an ipsec tunnel to the firewall system. The host
|
|
# is in zone gw.
|
|
#
|
|
# ipsec net 4.33.99.124 gw
|
|
#
|
|
# TYPE ZONE GATEWAY GATEWAY ZONE
|
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|