forked from extern/shorewall_code
32 lines
1.1 KiB
Plaintext
32 lines
1.1 KiB
Plaintext
|
#
|
||
|
|
# Shorewall version 3.2 - Capabilities File
|
||
|
|
#
|
||
|
|
# /etc/shorewall/capabilities
|
||
|
|
#
|
||
|
|
# This file is used when compiling with the -e flag. It specifies
|
||
|
|
# the capabilities of the kernel/iptables on the remote system.
|
||
|
|
# The capabilities are listed in the same order as they appear in
|
||
|
|
# the output of "shorewall show capabilities". If the capability
|
||
|
|
# is available, set the corresponding variable to "Yes". Otherwise
|
||
|
|
# leave it empty.
|
||
|
|
|
||
|
|
NAT_ENABLED=Yes # NAT
|
||
|
|
MANGLE_ENABLED=Yes # Packet Mangling
|
||
|
|
CONNTRACK_MATCH=Yes # Connection Tracking Match
|
||
|
|
USEPKTTYPE= # Packet Type Match
|
||
|
|
MULTIPORT=Yes # Multi-port Match
|
||
|
|
XMULTIPORT=Yes # Extended Multi-port Match
|
||
|
|
POLICY_MATCH=Yes # Policy Match
|
||
|
|
PHYSDEV_MATCH=Yes # Physdev Match
|
||
|
|
LENGTH_MATCH=Yes # Packet Length Match
|
||
|
|
IPRANGE_MATCH=Yes # IP range Match
|
||
|
|
RECENT_MATCH=Yes # Recent Match
|
||
|
|
OWNER_MATCH=Yes # Owner match
|
||
|
|
IPSET_MATCH= # Ipset Match
|
||
|
|
CONNMARK=Yes # CONNMARK Target
|
||
|
|
CONNMARK_MATCH=Yes # Connmark Match
|
||
|
|
RAW_TABLE=Yes # Raw Table
|
||
|
|
IPP2P_MATCH= # IPP2P Match
|
||
|
|
CLASSIFY_TARGET=Yes # CLASSIFY Target
|
||
|
|
ENHANCED_REJECT=Yes # Extended REJECT
|