forked from extern/shorewall_code
document more macros and services
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4283 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
judas_iscariote
parent
f5fef4526a
commit
6ee356877f
@ -13,10 +13,14 @@
|
||||
</author>
|
||||
</authorgroup>
|
||||
|
||||
<othercredit>
|
||||
<surname>Cristian Rodriguez R.</surname>
|
||||
</othercredit>
|
||||
|
||||
<pubdate><?dbtimestamp format="Y/m/d"?></pubdate>
|
||||
|
||||
<copyright>
|
||||
<year>2001-2006</year>
|
||||
<year>2001-<?dbtimestamp format="Y"?></year>
|
||||
|
||||
<holder>Thomas M. Eastep</holder>
|
||||
</copyright>
|
||||
@ -202,13 +206,18 @@ ICQ/ACCEPT <emphasis><source></emphasis> net</programlisting>
|
||||
<title>IMAP</title>
|
||||
|
||||
<caution>
|
||||
<para>When accessing you mail from the internet,use <emphasis
|
||||
<para>When accessing your mail from the internet,use <emphasis
|
||||
role="bold">only</emphasis> <emphasis role="bold">IMAP over
|
||||
SSL</emphasis></para>
|
||||
SSL.</emphasis></para>
|
||||
</caution>
|
||||
|
||||
<caution>
|
||||
<para>This information is valid only for Shorewall 3.2 or later.</para>
|
||||
</caution>
|
||||
|
||||
<programlisting>#ACTION SOURCE DESTINATION PROTO DEST PORT(S)
|
||||
IMAP/ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis> #Secure & Unsecure IMAP</programlisting>
|
||||
IMAP/ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis> # Unsecure IMAP
|
||||
IMAPS/ACCEPT <source> <destination> # IMAP over SSL.</programlisting>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
@ -226,6 +235,18 @@ ACCEPT <emphasis><destination></emphasis> <emphasis><source></e
|
||||
url="VPN.htm">here</ulink>.</para>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>LDAP</title>
|
||||
|
||||
<caution>
|
||||
<para>This information is valid only for Shorewall 3.2 or later.</para>
|
||||
</caution>
|
||||
|
||||
<programlisting>#ACTION SOURCE DESTINATION PROTO DEST PORT(S)
|
||||
LDAP/ACCEPT <emphasis><source></emphasis> <emphasis> <destination></emphasis> <emphasis> #Insecure LDAP</emphasis>
|
||||
LDAPS/ACCEPT <emphasis><emphasis><source></emphasis> <emphasis> <destination></emphasis></emphasis><emphasis></emphasis> # LDAP over SSL</programlisting>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>NFS</title>
|
||||
|
||||
@ -252,17 +273,20 @@ PCA/ACCEPT <emphasis><source></emphasis> <emphasis><destination>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Pop3</title>
|
||||
<title>POP3</title>
|
||||
|
||||
<caution>
|
||||
<para>If Possible , <emphasis role="bold">Avoid this protocol</emphasis>
|
||||
, use <emphasis role="bold">IMAP</emphasis> instead.</para>
|
||||
</caution>
|
||||
|
||||
<para>TCP Port 110 (Secure Pop3 is TCP Port 995)</para>
|
||||
<caution>
|
||||
<para>This information is valid only for Shorewall 3.2 or later</para>
|
||||
</caution>
|
||||
|
||||
<programlisting>#ACTION SOURCE DESTINATION PROTO DEST PORT(S)
|
||||
POP3/ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis> # Secure & Unsecure Pop3</programlisting>
|
||||
POP3/ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis> # Secure
|
||||
POP3S/ACCEPT <source> <destination> #Unsecure Pop3</programlisting>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
@ -298,7 +322,8 @@ SSH/ACCEPT <emphasis><source></emphasis> <emphasis><destination></e
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>SMB/NMB (Samba/Windows Browsing/File Sharing)</title>
|
||||
<title>SMB/NMB (Samba/<trademark>Windows</trademark> Browsing/File
|
||||
Sharing)</title>
|
||||
|
||||
<programlisting>#ACTION SOURCE DESTINATION PROTO DEST PORT(S)
|
||||
SMB/ACCEPT <emphasis><source></emphasis> <emphasis> <destination></emphasis>
|
||||
@ -310,9 +335,13 @@ SMB/ACCEPT <emphasis><destination></emphasis> <emphasis><source>
|
||||
<section>
|
||||
<title>SMTP</title>
|
||||
|
||||
<programlisting>#ACTION SOURCE DESTINATION PROTO DEST PORT(S)
|
||||
SMTP/ACCEPT<emphasis><source></emphasis> <emphasis><destination></emphasis> #Insecure SMTP
|
||||
ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis> tcp 465 #SMTP over SSL (TLS)</programlisting>
|
||||
<caution>
|
||||
<para>This information is valid only for Shorewall 3.2 or later.</para>
|
||||
</caution>
|
||||
|
||||
<programlisting>#ACTION SOURCE DESTINATION PROTO DEST PORT(S)
|
||||
SMTP/ACCEPT<emphasis> <source></emphasis> <emphasis><destination></emphasis> #Insecure SMTP
|
||||
SMTPS/ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis> #SMTP over SSL (TLS)</programlisting>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
@ -322,9 +351,30 @@ ACCEPT <emphasis><source></emphasis> <emphasis><destination></e
|
||||
SNMP/ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis></programlisting>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>SVN</title>
|
||||
|
||||
<caution>
|
||||
<para>This information is valid only for Shorewall 3.2 or later.</para>
|
||||
</caution>
|
||||
|
||||
<caution>
|
||||
<para>This rule is for Subversion running in <emphasis
|
||||
role="bold">svnserve mode only.</emphasis></para>
|
||||
</caution>
|
||||
|
||||
<programlisting>#ACTION SOURCE DESTINATION PROTO DEST PORT(S)
|
||||
SVN/ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis></programlisting>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
<title>Telnet</title>
|
||||
|
||||
<caution>
|
||||
<para><emphasis role="bold"><emphasis>The telnet protocol is very
|
||||
insecure</emphasis>, don't use it.</emphasis></para>
|
||||
</caution>
|
||||
|
||||
<programlisting>#ACTION SOURCE DESTINATION PROTO DEST PORT(S)
|
||||
Telnet/ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis></programlisting>
|
||||
</section>
|
||||
@ -369,7 +419,8 @@ ACCEPT fw ...</programlisting>
|
||||
<title>Usenet (NNTP)</title>
|
||||
|
||||
<programlisting>#ACTION SOURCE DESTINATION PROTO DEST PORT(S)
|
||||
NNTP/ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis> </programlisting>
|
||||
NNTP/ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis>
|
||||
NNTPS/ACCEPT <source> <destination> # secure NNTP</programlisting>
|
||||
|
||||
<para>TCP Port 119</para>
|
||||
</section>
|
||||
@ -409,8 +460,13 @@ VNCL/ACCEPT <emphasis><source></emphasis> <emphasis><destination&g
|
||||
<section>
|
||||
<title>Web Access</title>
|
||||
|
||||
<caution>
|
||||
<para>This information is valid for Shorewall 3.2 or later.</para>
|
||||
</caution>
|
||||
|
||||
<programlisting>#ACTION SOURCE DESTINATION PROTO DEST PORT(S)
|
||||
Web/ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis> #Insecure HTTP& Secure HTTP</programlisting>
|
||||
HTTP/ACCEPT <emphasis><source></emphasis> <emphasis><destination></emphasis> #Insecure HTTP
|
||||
HTTPS/ACCEPT <source> <destination> #Secure HTTP</programlisting>
|
||||
</section>
|
||||
|
||||
<section>
|
||||
@ -454,6 +510,16 @@ ACCEPT <<emphasis>apps</emphasis>> <<emphasis>chooser</emphasis>
|
||||
<title>Revision History</title>
|
||||
|
||||
<para><revhistory>
|
||||
<revision>
|
||||
<revnumber>1.18</revnumber>
|
||||
|
||||
<date>2006-07-18</date>
|
||||
|
||||
<authorinitials>CR</authorinitials>
|
||||
|
||||
<revremark>Updated for Shorewall 3.2</revremark>
|
||||
</revision>
|
||||
|
||||
<revision>
|
||||
<revnumber>1.18</revnumber>
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user