forked from extern/shorewall_code
Flesh out description of HELPER
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8755 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
fe8e1f4d1d
commit
bb3eda9845
@ -1,6 +1,6 @@
|
||||
Changes in Shorewall 4.2.1
|
||||
|
||||
1) Added CONNBYTES to tcrules manpage.
|
||||
1) Added CONNBYTES to tcrules manpage. Flesh out description of HELPER.
|
||||
|
||||
2) Fixed minor CONNBYTES editing issue.
|
||||
|
||||
|
@ -555,7 +555,16 @@
|
||||
<listitem>
|
||||
<para>Added in Shorewall-perl 4.2.0. Names a Netfiler protocol
|
||||
<firstterm>helper</firstterm> module such as <option>ftp</option>,
|
||||
<option>sip</option>, <option>amanda</option>, etc.</para>
|
||||
<option>sip</option>, <option>amanda</option>, etc. A packet will
|
||||
match if it was accepted by the named helper module. You can also
|
||||
append "-" and a port number to the helper module name (e.g.,
|
||||
<emphasis role="bold">ftp-21</emphasis>) to specify the port number
|
||||
that the original connection was made on.</para>
|
||||
|
||||
<para>Example: Mark all FTP data connections with mark
|
||||
4:<programlisting>#MARK/ SOURCE DEST PROTO PORT(S) SOURCE USER TEST LENGTH TOS CONNBYTES HELPER
|
||||
#CLASSIFY PORT(S)
|
||||
4 0.0.0.0/0 0.0.0.0/0 TCP - - - - - - - ftp</programlisting></para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
|
Loading…
Reference in New Issue
Block a user