forked from extern/shorewall_code
Flesh out description of HELPER
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8755 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
fe8e1f4d1d
commit
bb3eda9845
@ -1,6 +1,6 @@
|
|||||||
Changes in Shorewall 4.2.1
|
Changes in Shorewall 4.2.1
|
||||||
|
|
||||||
1) Added CONNBYTES to tcrules manpage.
|
1) Added CONNBYTES to tcrules manpage. Flesh out description of HELPER.
|
||||||
|
|
||||||
2) Fixed minor CONNBYTES editing issue.
|
2) Fixed minor CONNBYTES editing issue.
|
||||||
|
|
||||||
|
@ -555,7 +555,16 @@
|
|||||||
<listitem>
|
<listitem>
|
||||||
<para>Added in Shorewall-perl 4.2.0. Names a Netfiler protocol
|
<para>Added in Shorewall-perl 4.2.0. Names a Netfiler protocol
|
||||||
<firstterm>helper</firstterm> module such as <option>ftp</option>,
|
<firstterm>helper</firstterm> module such as <option>ftp</option>,
|
||||||
<option>sip</option>, <option>amanda</option>, etc.</para>
|
<option>sip</option>, <option>amanda</option>, etc. A packet will
|
||||||
|
match if it was accepted by the named helper module. You can also
|
||||||
|
append "-" and a port number to the helper module name (e.g.,
|
||||||
|
<emphasis role="bold">ftp-21</emphasis>) to specify the port number
|
||||||
|
that the original connection was made on.</para>
|
||||||
|
|
||||||
|
<para>Example: Mark all FTP data connections with mark
|
||||||
|
4:<programlisting>#MARK/ SOURCE DEST PROTO PORT(S) SOURCE USER TEST LENGTH TOS CONNBYTES HELPER
|
||||||
|
#CLASSIFY PORT(S)
|
||||||
|
4 0.0.0.0/0 0.0.0.0/0 TCP - - - - - - - ftp</programlisting></para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
</variablelist>
|
</variablelist>
|
||||||
|
Loading…
Reference in New Issue
Block a user