holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Update Samples for 1.3.4

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@136 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2002-07-15 16:21:26 +00:00
parent 11d2717122
commit d863936d69
4 changed files with 59 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Samples/one-interface/interfaces
View File

@ -48,11 +48,6 @@
# requests. 'filterping' takes # requests. 'filterping' takes
# precedence over 'noping' if both are # precedence over 'noping' if both are
# given. # given.
# routestopped - (Deprecated -- use
# /etc/shorewall/routestopped)
# When the firewall is stopped, allow
# and route traffic to and from this
# interface.
# norfc1918 - This interface should not receive # norfc1918 - This interface should not receive
# any packets whose source is in one # any packets whose source is in one
# of the ranges reserved by RFC 1918 # of the ranges reserved by RFC 1918
@ -80,21 +75,19 @@
# it's IP address via DHCP from subnet # it's IP address via DHCP from subnet
# 206.191.149.192/27 and you want pings from the internet # 206.191.149.192/27 and you want pings from the internet
# to be ignored. You interface a DMZ with subnet # to be ignored. You interface a DMZ with subnet
# 192.168.2.0/24 using eth2. You want to be able to # 192.168.2.0/24 using eth2.
# access the firewall from the local network when the
# firewall is stopped.
# #
# Your entries for this setup would look like: # Your entries for this setup would look like:
# #
# net eth0 206.191.149.223 noping,dhcp # net eth0 206.191.149.223 noping,dhcp
# local eth1 192.168.1.255 routestopped # local eth1 192.168.1.255
# dmz eth2 192.168.2.255 # dmz eth2 192.168.2.255
# #
# Example 2: The same configuration without specifying broadcast # Example 2: The same configuration without specifying broadcast
# addresses is: # addresses is:
# #
# net eth0 detect noping,dhcp # net eth0 detect noping,dhcp
# loc eth1 detect routestopped # loc eth1 detect
# dmz eth2 detect # dmz eth2 detect
# #
# Example 3: You have a simple dial-in system with no ethernet # Example 3: You have a simple dial-in system with no ethernet

27
Samples/three-interfaces/routestopped Normal file
View File

@ -0,0 +1,27 @@
##############################################################################
#
# Shorewall 1.3 -- Hosts Accessible when the Firewall is Stopped
#
# /etc/shorewall/routestopped
#
# This file is used to define the hosts that are accessible when the
# firewall is stopped
#
# Columns must be separated by white space and are:
#
# INTERFACE - Interface through which host(s) communicate with
# the firewall
# HOST(S) - (Optional) Comma-separated list of IP/subnet
# addresses. If left empty or supplied as "-",
# 0.0.0.0/0 is assumed.
#
# Example:
#
# INTERFACE HOST(S)
# eth2 192.168.1.0/24
# eth0 192.0.2.44
##############################################################################
#INTERFACE HOST(S)
eth1 -
eth2 -
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

13
Samples/two-interfaces/interfaces
View File

@ -48,11 +48,6 @@
# requests. 'filterping' takes # requests. 'filterping' takes
# precedence over 'noping' if both are # precedence over 'noping' if both are
# given. # given.
# routestopped - (Deprecated -- use
# /etc/shorewall/routestopped)
# When the firewall is stopped, allow
# and route traffic to and from this
# interface.
# norfc1918 - This interface should not receive # norfc1918 - This interface should not receive
# any packets whose source is in one # any packets whose source is in one
# of the ranges reserved by RFC 1918 # of the ranges reserved by RFC 1918
@ -80,21 +75,19 @@
# it's IP address via DHCP from subnet # it's IP address via DHCP from subnet
# 206.191.149.192/27 and you want pings from the internet # 206.191.149.192/27 and you want pings from the internet
# to be ignored. You interface a DMZ with subnet # to be ignored. You interface a DMZ with subnet
# 192.168.2.0/24 using eth2. You want to be able to # 192.168.2.0/24 using eth2.
# access the firewall from the local network when the
# firewall is stopped.
# #
# Your entries for this setup would look like: # Your entries for this setup would look like:
# #
# net eth0 206.191.149.223 noping,dhcp # net eth0 206.191.149.223 noping,dhcp
# local eth1 192.168.1.255 routestopped # local eth1 192.168.1.255
# dmz eth2 192.168.2.255 # dmz eth2 192.168.2.255
# #
# Example 2: The same configuration without specifying broadcast # Example 2: The same configuration without specifying broadcast
# addresses is: # addresses is:
# #
# net eth0 detect noping,dhcp # net eth0 detect noping,dhcp
# loc eth1 detect routestopped # loc eth1 detect
# dmz eth2 detect # dmz eth2 detect
# #
# Example 3: You have a simple dial-in system with no ethernet # Example 3: You have a simple dial-in system with no ethernet

26
Samples/two-interfaces/routestopped Normal file
View File

@ -0,0 +1,26 @@
##############################################################################
#
# Shorewall 1.3 -- Hosts Accessible when the Firewall is Stopped
#
# /etc/shorewall/routestopped
#
# This file is used to define the hosts that are accessible when the
# firewall is stopped
#
# Columns must be separated by white space and are:
#
# INTERFACE - Interface through which host(s) communicate with
# the firewall
# HOST(S) - (Optional) Comma-separated list of IP/subnet
# addresses. If left empty or supplied as "-",
# 0.0.0.0/0 is assumed.
#
# Example:
#
# INTERFACE HOST(S)
# eth2 192.168.1.0/24
# eth0 192.0.2.44
##############################################################################
#INTERFACE HOST(S)
eth1 -
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE