forked from extern/shorewall_code
Add DROP target to the conntrack file.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
5265cd5bb7
commit
c6ffdd67e2
@ -80,7 +80,7 @@ sub process_conntrack_rule( $$$$$$$$$ ) {
|
||||
# Netfilter development list
|
||||
#
|
||||
$action = 'CT --notrack' if have_capability 'CT_TARGET';
|
||||
} else {
|
||||
} elsif ( $action ne 'DROP' ) {
|
||||
( $target, my ( $option, $args, $junk ) ) = split ':', $action, 4;
|
||||
|
||||
fatal_error "Invalid notrack ACTION ( $action )" if $junk || $target ne 'CT';
|
||||
|
@ -67,8 +67,8 @@
|
||||
|
||||
<listitem>
|
||||
<para>This column is only present when FORMAT = 2. Values other than
|
||||
NOTRACK require <firstterm>CT Target </firstterm>support in your
|
||||
iptables and kernel.</para>
|
||||
NOTRACK or DROP require <firstterm>CT Target </firstterm>support in
|
||||
your iptables and kernel.</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
@ -78,6 +78,13 @@
|
||||
<para>Disables connection tracking for this packet.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><option>DROP</option></para>
|
||||
|
||||
<para>Added in Shorewall 4.5.10. Silently discard the
|
||||
packet.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><option>helper</option>:<replaceable>name</replaceable></para>
|
||||
|
||||
@ -143,6 +150,14 @@
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term/>
|
||||
|
||||
<listitem>
|
||||
<para/>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>sane</term>
|
||||
|
||||
|
@ -77,6 +77,13 @@
|
||||
<para>Disables connection tracking for this packet.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>DROP</para>
|
||||
|
||||
<para>Added in Shorewall 4.5.10. Silently discard the
|
||||
packet.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><option>helper</option>:<replaceable>name</replaceable></para>
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user