Add /etc/shorewall/routes

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2121 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-05-15 23:20:30 +00:00 · 2005-05-15 23:20:30 +00:00 · 19c72cb955
commit 19c72cb955
parent bd18cf79c0
1 changed files with 71 additions and 0 deletions
--- a/Shorewall2/routes
+++ b/Shorewall2/routes
@ -0,0 +1,71 @@
+#
+# Shorewall version 2.4 - Routing Rules
+#
+# /etc/shorewall/routes
+#
+#	Entries in this file cause packets to be routed in non-standard 
+#       ways.
+#
+#                              I M P O R T A N T ! ! ! !
+#
+#	In order to use entries in this file, your kernel and iptables must
+#	have ROUTE target support.
+#
+# Columns are:
+#
+#
+#	SOURCE 		Source of the packet. May be any of the following:
+#
+#			- A host or network address
+#			- A network interface name.
+#			- The name of an ipset prefaced with "+"
+#			- $FW (for packets originating on the firewall)
+#			- A MAC address in Shorewall format
+#			- A range of IP addresses (assuming that your
+#			  kernel and iptables support range match)
+#			- A network interface name followed by ":"
+#			  and an address or address range.
+#
+#	DEST		Destination of the packet. May be any of the
+#			following:
+#
+#			- A host or network address
+#			- A network interface name (determined from
+#			  routing table(s))
+#			- The name of an ipset prefaced with "+"
+#			- A network interface name followed by ":"
+#			  and an address or address range. 
+#
+#	PROTO		Protocol - Must be "tcp", "udp", "icmp", "ipp2p", 
+#			a number, or "all". "ipp2p" requires ipp2p match
+#			support in your kernel and iptables.
+#
+#	PORT(S)		Destination Ports. A comma-separated list of Port
+#			names (from /etc/services), port numbers or port
+#			ranges; if the protocol is "icmp", this column is
+#			interpreted as the destination icmp-type(s).
+#
+#			If the protocol is ipp2p, this column is interpreted
+#			as an ipp2p option without the leading "--" (example "bit"
+#			for bit-torrent). If no PORT is given, "ipp2p" is
+#			assumed.
+#
+#			This column is ignored if PROTOCOL = all but must be
+#			entered if any of the following field is supplied.
+#			In that case, it is suggested that this field contain
+#			 "-"
+#
+#	SOURCE PORT(S)	(Optional) Source port(s). If omitted,
+#			any source port is acceptable. Specified as a comma-
+#			separated list of port names, port numbers or port
+#			ranges.
+#
+#	INTERFACE	The interface that the packet is to be routed out of.
+#
+#	GATEWAY		The gateway that the packet is to be forewarded through.
+#
+# See http://shorewall.net/Shorewall_and_Routing.html for additional information.
+#######################################################################################
+#SOURCE 		DEST		PROTO	PORT(S)	SOURCE	INTERFACE	GATEWAY
+#							PORT(S)
+#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE