holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Merge branch '4.5.10'

Browse Source
This commit is contained in:
Tom Eastep 2012-12-04 10:56:09 -08:00
commit 02cbd72a91
5 changed files with 39 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
Shorewall-core/lib.cli
View File

@ -1007,18 +1007,18 @@ show_command() {
case $1 in
actions)
[ $# -gt 1 ] && usage 1
echo "A_ACCEPT # Audit and accept the connection"
echo "A_DROP # Audit and drop the connection"
echo "A_REJECT # Audit and reject the connection "
echo "allowBcast # Silently Allow Broadcast/multicast"
echo "allowInvalid # Accept packets that are in the INVALID conntrack state."
echo "allowinUPnP # Allow UPnP inbound (to firewall) traffic"
echo "allowoutUPnP # Allow traffic from local command 'upnpd' (does not work with kernels after 2.6.13)"
echo "dropBcast # Silently Drop Broadcast/multicast"
echo "dropInvalid # Silently Drop packets that are in the INVALID conntrack state"
echo "dropNotSyn # Silently Drop Non-syn TCP packets"
echo "forwardUPnP # Allow traffic that upnpd has redirected from"
echo "rejNotSyn # Silently Reject Non-syn TCP packets"
echo "A_ACCEPT # Audit and accept the connection"
echo "A_DROP # Audit and drop the connection"
echo "A_REJECT # Audit and reject the connection "
echo "allowBcast # Silently Allow Broadcast/multicast"
echo "allowInvalid # Accept packets that are in the INVALID conntrack state."
echo "allowinUPnP # Allow UPnP inbound (to firewall) traffic"
echo "allowoutUPnP # Allow traffic from local command 'upnpd' (does not work with kernels after 2.6.13)"
echo "dropBcast # Silently Drop Broadcast/multicast"
echo "dropInvalid # Silently Drop packets that are in the INVALID conntrack state"
echo "dropNotSyn # Silently Drop Non-syn TCP packets"
echo "forwardUPnP # Allow traffic that upnpd has redirected from"
echo "rejNotSyn # Silently Reject Non-syn TCP packets"
if [ -f ${g_confdir}/actions ]; then
cat ${g_sharedir}/actions.std ${g_confdir}/actions | grep -Ev '^\#|^$'

20
Shorewall/actions.std
View File

@ -33,13 +33,13 @@
#
###############################################################################
#ACTION
A_Drop # Audited Default Action for DROP policy
A_Reject # Audited Default action for REJECT policy
Broadcast noinline # Handles Broadcast/Multicast/Anycast
Drop # Default Action for DROP policy
DropSmurfs noinline # Drop smurf packets
Invalid noinline # Handles packets in the INVALID conntrack state
NotSyn noinline # Handles TCP packets which do not have SYN=1 and ACK=0
Reject # Default Action for REJECT policy
RST noinline # Handle packets with RST set
TCPFlags noinline # Handle bad flag combinations.
A_Drop # Audited Default Action for DROP policy
A_Reject # Audited Default action for REJECT policy
Broadcast noinline # Handles Broadcast/Multicast/Anycast
Drop # Default Action for DROP policy
DropSmurfs noinline # Drop smurf packets
Invalid noinline # Handles packets in the INVALID conntrack state
NotSyn noinline # Handles TCP packets which do not have SYN=1 and ACK=0
Reject # Default Action for REJECT policy
RST noinline # Handle packets with RST set
TCPFlags noinline # Handle bad flag combinations.

6
Shorewall/configfiles/actions
View File

@ -7,6 +7,6 @@
#
# Please see http://shorewall.net/Actions.html for additional information.
#
####################################################################################
#ACTION OPTIONS COMMENT (place '# ' below the 'C' in comment followed by
# v a comment describing the action)
########################################################################################
#ACTION OPTIONS COMMENT (place '# ' below the 'C' in comment followed by
# v a comment describing the action)

22
Shorewall6/actions.std
View File

@ -19,15 +19,15 @@
#
###############################################################################
#ACTION
A_Drop # Audited Default Action for DROP policy
A_Reject # Audited Default Action for REJECT policy
A_AllowICMPs # Audited Accept needed ICMP6 types
AllowICMPs # Accept needed ICMP6 types
Broadcast noinline # Handles Broadcast/Multicast/Anycast
Drop # Default Action for DROP policy
DropSmurfs noinline # Handles packets with a broadcast source address
Invalid noinline # Handles packets in the INVALID conntrack state
NotSyn noinline # Handles TCP packets that do not have SYN=1 and ACK=0
Reject # Default Action for REJECT policy
TCPFlags noinline # Handles bad flags combinations
A_Drop # Audited Default Action for DROP policy
A_Reject # Audited Default Action for REJECT policy
A_AllowICMPs # Audited Accept needed ICMP6 types
AllowICMPs # Accept needed ICMP6 types
Broadcast noinline # Handles Broadcast/Multicast/Anycast
Drop # Default Action for DROP policy
DropSmurfs noinline # Handles packets with a broadcast source address
Invalid noinline # Handles packets in the INVALID conntrack state
NotSyn noinline # Handles TCP packets that do not have SYN=1 and ACK=0
Reject # Default Action for REJECT policy
TCPFlags noinline # Handles bad flags combinations

6
Shorewall6/configfiles/actions
View File

@ -8,6 +8,6 @@
# Please see http://shorewall.net/Actions.html for additional information.
#
###############################################################################
####################################################################################
#ACTION OPTIONS COMMENT (place '# ' below the 'C' in comment followed by
# v a comment describing the action)
########################################################################################
#ACTION OPTIONS COMMENT (place '# ' below the 'C' in comment followed by
# v a comment describing the action)