holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Upgrade samples for 1.3.9

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@254 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2002-09-23 21:36:27 +00:00
parent 93ca6bd86d
commit b709e18fd1
3 changed files with 16 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
Samples/three-interfaces/interfaces
View File

@ -12,20 +12,24 @@
# of a zone defined in /etc/shorewall/zones. # of a zone defined in /etc/shorewall/zones.
# #
# If the interface serves multiple zones that will be # If the interface serves multiple zones that will be
# defined in the /etc/shorewall/hosts file, you may # defined in the /etc/shorewall/hosts file, you should
# place "-" in this column. # place "-" in this column.
# #
# INTERFACE Name of interface # INTERFACE Name of interface. Each interface may be listed only
# once in this file.
# #
# BROADCAST The broadcast address for the subnetwork to which the # BROADCAST The broadcast address for the subnetwork to which the
# interface belongs. For P-T-P interfaces, this # interface belongs. For P-T-P interfaces, this
# column is left black. # column is left black.If the interface has multiple
# addresses on multiple subnets then list the broadcast
# addresses as a comma-separated list.
# #
# If you use the special value "detect", the firewall # If you use the special value "detect", the firewall
# will detect the broadcast address for you. If you # will detect the broadcast address for you. If you
# select this option, the interface must be up before # select this option, the interface must be up before
# the firewall is started and you must have iproute # the firewall is started, you must have iproute
# installed. # installed and the interface must only be associated
# with a single subnet.
# #
# If you don't want to give a value for this column but # If you don't want to give a value for this column but
# you want to enter a value in the OPTIONS column, enter # you want to enter a value in the OPTIONS column, enter

2
Samples/three-interfaces/policy
View File

@ -18,7 +18,7 @@
# in /etc/shorewall/zones, $FW or "all" # in /etc/shorewall/zones, $FW or "all"
# #
# POLICY Policy if no match from the rules file is found. Must # POLICY Policy if no match from the rules file is found. Must
# be "ACCEPT", "DENY", "REJECT" or "CONTINUE" # be "ACCEPT", "DROP", "REJECT" or "CONTINUE"
# #
# LOG LEVEL If supplied, each connection handled under the default # LOG LEVEL If supplied, each connection handled under the default
# POLICY is logged at that level. If not supplied, no # POLICY is logged at that level. If not supplied, no

9
Samples/three-interfaces/rules
View File

@ -56,9 +56,12 @@
# MAC address 00:A0:C9:15:39:78. # MAC address 00:A0:C9:15:39:78.
# #
# Alternatively, clients may be specified by interface # Alternatively, clients may be specified by interface
# by appending ":" followed by the interface name. For # by appending ":" to the zone name followed by the
# example, loc:eth1 specifies a client that # interface name. For example, loc:eth1 specifies a
# communicates with the firewall system through eth1. # client that communicates with the firewall system
# through eth1. This may be optionally followed by
# another colon (":") and an IP/MAC/subnet address
# as described above (e.g., loc:eth1:192.168.1.5).
# #
# DEST Location of Server. May be a zone defined in # DEST Location of Server. May be a zone defined in
# /etc/shorewall/zones or $FW to indicate the firewall # /etc/shorewall/zones or $FW to indicate the firewall