forked from extern/shorewall_code
Fix action headings
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1106 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
aa7e0cdbeb
commit
517d4dbf46
@ -4,7 +4,7 @@
|
|||||||
# This action accepts Auth (identd) traffic.
|
# This action accepts Auth (identd) traffic.
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
ACCEPT - - tcp 113
|
ACCEPT - - tcp 113
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,8 +4,8 @@
|
|||||||
# This action accepts DNS traffic.
|
# This action accepts DNS traffic.
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
ACCEPT - - udp 53
|
ACCEPT - - udp 53
|
||||||
ACCEPT - - tcp 53
|
ACCEPT - - tcp 53
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,8 +4,8 @@
|
|||||||
# This action accepts IMAP traffic (secure and insecure):
|
# This action accepts IMAP traffic (secure and insecure):
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
ACCEPT - - tcp 143 #Unsecure IMAP
|
ACCEPT - - tcp 143 #Unsecure IMAP
|
||||||
ACCEPT - - tcp 993 #Secure IMAP
|
ACCEPT - - tcp 993 #Secure IMAP
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# This action accepts NNTP traffic (Usenet).
|
# This action accepts NNTP traffic (Usenet).
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
ACCEPT - - tcp 119
|
ACCEPT - - tcp 119
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# This action accepts 'ping' requests.
|
# This action accepts 'ping' requests.
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
ACCEPT - - icmp 8
|
ACCEPT - - icmp 8
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# This action accepts remote time retrieval (rdate).
|
# This action accepts remote time retrieval (rdate).
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
ACCEPT - - tcp 37
|
ACCEPT - - tcp 37
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -5,8 +5,8 @@
|
|||||||
# both directions.
|
# both directions.
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
ACCEPT - - udp 135,445
|
ACCEPT - - udp 135,445
|
||||||
ACCEPT - - udp 137:139
|
ACCEPT - - udp 137:139
|
||||||
ACCEPT - - udp 1024: 137
|
ACCEPT - - udp 1024: 137
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
# the AllowPOP3 or AllowIMAP actions.
|
# the AllowPOP3 or AllowIMAP actions.
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
ACCEPT - - tcp 25
|
ACCEPT - - tcp 25
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# This action accepts secure shell (SSH) traffic.
|
# This action accepts secure shell (SSH) traffic.
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
ACCEPT - - tcp 22
|
ACCEPT - - tcp 22
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,8 +4,8 @@
|
|||||||
# This action accepts Traceroute (for up to 20 hops):
|
# This action accepts Traceroute (for up to 20 hops):
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
ACCEPT - - udp 33434:33454 #UDP Traceroute
|
ACCEPT - - udp 33434:33454 #UDP Traceroute
|
||||||
ACCEPT - - icmp 8 #ICMP Traceroute
|
ACCEPT - - icmp 8 #ICMP Traceroute
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# This action accepts VNC traffic for VNC display's 0 - 9.
|
# This action accepts VNC traffic for VNC display's 0 - 9.
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
ACCEPT - - tcp 5900:5909
|
ACCEPT - - tcp 5900:5909
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,8 +4,8 @@
|
|||||||
# This action accepts WWW traffic (secure and insecure):
|
# This action accepts WWW traffic (secure and insecure):
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
ACCEPT - - tcp 80
|
ACCEPT - - tcp 80
|
||||||
ACCEPT - - TCP 443
|
ACCEPT - - TCP 443
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,8 +4,8 @@
|
|||||||
# The default DROP common rules
|
# The default DROP common rules
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
RejectAuth
|
RejectAuth
|
||||||
DropBcast
|
DropBcast
|
||||||
DropSMB
|
DropSMB
|
||||||
|
@ -5,6 +5,6 @@
|
|||||||
# built by the extensions script /etc/shorewall/DropBcast
|
# built by the extensions script /etc/shorewall/DropBcast
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# This action silently drops DNS UDP replies
|
# This action silently drops DNS UDP replies
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
DROP - - udp - 53
|
DROP - - udp - 53
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -5,6 +5,6 @@
|
|||||||
# /etc/shorewall/DropNotSyn implements this action.
|
# /etc/shorewall/DropNotSyn implements this action.
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# This action silently drops 'ping' requests.
|
# This action silently drops 'ping' requests.
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
DROP - - icmp 8
|
DROP - - icmp 8
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,8 +4,8 @@
|
|||||||
# This action silently drops Microsoft SMB traffic
|
# This action silently drops Microsoft SMB traffic
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
DROP - - udp 135
|
DROP - - udp 135
|
||||||
DROP - - udp 137:139
|
DROP - - udp 137:139
|
||||||
DROP - - udp 445
|
DROP - - udp 445
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# This action silently drops UPnP probes on UDP port 1900
|
# This action silently drops UPnP probes on UDP port 1900
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
DROP - - udp 1900
|
DROP - - udp 1900
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,8 +4,8 @@
|
|||||||
# The default REJECT action common rules
|
# The default REJECT action common rules
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
RejectAuth
|
RejectAuth
|
||||||
DropBcast
|
DropBcast
|
||||||
RejectSMB
|
RejectSMB
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
# This action silently rejects Auth (tcp 113) traffic
|
# This action silently rejects Auth (tcp 113) traffic
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
REJECT - - tcp 113
|
REJECT - - tcp 113
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
||||||
|
@ -4,8 +4,8 @@
|
|||||||
# This action silently rejects Microsoft SMB traffic
|
# This action silently rejects Microsoft SMB traffic
|
||||||
#
|
#
|
||||||
######################################################################################
|
######################################################################################
|
||||||
#TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
|
#TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/
|
||||||
# PORT PORT(S) DEST LIMIT
|
# PORT PORT(S) LIMIT GROUP
|
||||||
REJECT - - udp 135
|
REJECT - - udp 135
|
||||||
REJECT - - udp 137:139
|
REJECT - - udp 137:139
|
||||||
REJECT - - udp 445
|
REJECT - - udp 445
|
||||||
|
Loading…
Reference in New Issue
Block a user