diff --git a/Shorewall/action.AllowAmanda b/Shorewall/action.AllowAmanda index ce3ae1977..0abd8ee21 100644 --- a/Shorewall/action.AllowAmanda +++ b/Shorewall/action.AllowAmanda @@ -1,11 +1,13 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowAmanda +# Shorewall action.AllowAmanda # -# This action accepts connections required by the Amanda backup system. +# This action accepts connections to the AMANDA backup system. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT -ACCEPT - - udp amanda -ACCEPT - - tcp 50000:50100 +ACCEPT - - udp 10080 +# Not sure why this is necessary - using ip_conntrack_amanda along with +# the above should be sufficient. +#ACCEPT - - tcp 50000:50100 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall/action.AllowBitTorrent b/Shorewall/action.AllowBitTorrent index b12a8a5b7..aabf3bd3d 100644 --- a/Shorewall/action.AllowBitTorrent +++ b/Shorewall/action.AllowBitTorrent @@ -1,9 +1,9 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowBitTorrent +# Shorewall action.AllowBitTorrent # # This action accepts BitTorrent traffic. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT ACCEPT - - tcp 6881:6889 diff --git a/Shorewall/action.AllowCVS b/Shorewall/action.AllowCVS index 5aaaa0915..229130bb1 100644 --- a/Shorewall/action.AllowCVS +++ b/Shorewall/action.AllowCVS @@ -1,9 +1,9 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowCVS +# Shorewall action.AllowCVS # -# This action accepts connections required by the CVS server +# This action accepts connections to the CVS pserver. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT ACCEPT - - tcp 2401 diff --git a/Shorewall/action.AllowDistcc b/Shorewall/action.AllowDistcc index 862d16119..d1fdb4ada 100644 --- a/Shorewall/action.AllowDistcc +++ b/Shorewall/action.AllowDistcc @@ -1,9 +1,10 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowDistcc +# Shorewall action.AllowDistcc # -# This action accepts connections required by the Distributed Compiler service +# This action accepts connections to the Distributed Compiler +# service. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT ACCEPT - - tcp 3632 diff --git a/Shorewall/action.AllowEdonkey b/Shorewall/action.AllowEdonkey index cfa3fe4c7..e04a0b3dc 100644 --- a/Shorewall/action.AllowEdonkey +++ b/Shorewall/action.AllowEdonkey @@ -1,11 +1,31 @@ # -# Shorewall 2.2 /usr/share/shorewall/action.AllowEdonkey +# Shorewall action.AllowEdonkey # -# This action accepts Edonkey traffic +# This action accepts Edonkey traffic. # ###################################################################################### #TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/ # PORT PORT(S) LIMIT GROUP ACCEPT - - tcp 4662 ACCEPT - - udp 4665 +# +# http://www.portforward.com/english/routers/port_forwarding/2wire/1000s/eDonkey.htm +# says to use udp 5737 rather than 4665 +# +# http://www.amule.org/wiki/index.php/FAQ_ed2k says this: +# 4661 TCP (outgoing) +# Port, on which a server listens for connection (defined by server). +#4665 UDP (outgoing) +# used for global server searches and global source queries. This is +#always Server TCP port (in this case 4661) + 4. +#4662 TCP (outgoing and incoming) +# Client to client transfers. +#4672 UDP (outgoing and incoming) +# Extended eMule protocol, Queue Rating, File Reask Ping +#4711 TCP +# WebServer listening port. +#4712 TCP +# External Connection port. Used to communicate aMule with other +#applications such as aMule WebServer or aMuleCMD. +# #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall/action.AllowGnutella b/Shorewall/action.AllowGnutella index fa11e8f96..be2fa489b 100644 --- a/Shorewall/action.AllowGnutella +++ b/Shorewall/action.AllowGnutella @@ -1,7 +1,7 @@ # -# Shorewall 2.2 /usr/share/shorewall/action.AllowGnutella +# Shorewall action.AllowGnutella # -# This action accepts gnutella traffic +# This action accepts gnutella traffic. # ###################################################################################### #TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/ diff --git a/Shorewall/action.AllowICQ b/Shorewall/action.AllowICQ index b4680b3cb..8a1496975 100644 --- a/Shorewall/action.AllowICQ +++ b/Shorewall/action.AllowICQ @@ -1,9 +1,9 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowICQ +# Shorewall action.AllowICQ # # This action accepts ICQ traffic. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT ACCEPT - - tcp 5190 diff --git a/Shorewall/action.AllowLDAP b/Shorewall/action.AllowLDAP index 2ca621817..2fc07a6a6 100644 --- a/Shorewall/action.AllowLDAP +++ b/Shorewall/action.AllowLDAP @@ -1,10 +1,12 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowLDAP +# Shorewall action.AllowLDAP # # This action accepts LDAP traffic. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT -ACCEPT - - tcp ldap +ACCEPT - - tcp 389 +# This is LDAPS - should it be included? +#ACCEPT - - tcp 636 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall/action.AllowMySQL b/Shorewall/action.AllowMySQL index 1a2045078..cfa15b53b 100644 --- a/Shorewall/action.AllowMySQL +++ b/Shorewall/action.AllowMySQL @@ -1,9 +1,9 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowMySQL +# Shorewall action.AllowMySQL # -# This action accepts connections required by the MySQL server +# This action accepts connections to the MySQL server. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT ACCEPT - - tcp 3306 diff --git a/Shorewall/action.AllowPostgreSQL b/Shorewall/action.AllowPostgreSQL index 597d9bfc7..d5b5641e0 100644 --- a/Shorewall/action.AllowPostgreSQL +++ b/Shorewall/action.AllowPostgreSQL @@ -1,9 +1,9 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowPostgreSQL +# Shorewall action.AllowPostgreSQL # -# This action accepts connections required by the PostgreSQL server +# This action accepts connections to the PostgreSQL server. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT ACCEPT - - tcp 5432 diff --git a/Shorewall/action.AllowRsync b/Shorewall/action.AllowRsync index f15e17c3b..1e421c4ab 100644 --- a/Shorewall/action.AllowRsync +++ b/Shorewall/action.AllowRsync @@ -1,10 +1,10 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowRsync +# Shorewall action.AllowRsync # -# This action accepts connections required by the Rsync server +# This action accepts connections to the rsync server. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT -ACCEPT - - tcp rsync +ACCEPT - - tcp 873 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall/action.AllowSMBswat b/Shorewall/action.AllowSMBswat index 0432f0e19..a3be8eb37 100644 --- a/Shorewall/action.AllowSMBswat +++ b/Shorewall/action.AllowSMBswat @@ -1,9 +1,10 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowSMBswat +# Shorewall action.AllowSMBswat # -# This action accepts connections required by the Amanda backup system. +# This action accepts connections to the Samba Web Administration +# Tool (SWAT). # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT ACCEPT - - tcp 901 diff --git a/Shorewall/action.AllowSPAMD b/Shorewall/action.AllowSPAMD index d8515f803..cab4cc097 100644 --- a/Shorewall/action.AllowSPAMD +++ b/Shorewall/action.AllowSPAMD @@ -1,7 +1,7 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowSPAMD +# Shorewall action.AllowSPAMD # -# This action accepts SPAMD traffic. +# This action accepts Spam Assassin SPAMD traffic. # ###################################################################################### #TARGET SOURCE DEST PROTO DEST SOURCE RATE USER/ diff --git a/Shorewall/action.AllowSVN b/Shorewall/action.AllowSVN index 7a07f9b84..3b075dc07 100644 --- a/Shorewall/action.AllowSVN +++ b/Shorewall/action.AllowSVN @@ -1,9 +1,9 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowSVN +# Shorewall action.AllowSVN # -# This action accepts connections required by the Subversion server +# This action accepts connections to the Subversion server. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT ACCEPT - - tcp 3690 diff --git a/Shorewall/action.AllowSyslog b/Shorewall/action.AllowSyslog index 8065c8778..69eb86252 100644 --- a/Shorewall/action.AllowSyslog +++ b/Shorewall/action.AllowSyslog @@ -1,10 +1,10 @@ # -# Shorewall 2.0 /etc/shorewall/action.AllowSyslog +# Shorewall action.AllowSyslog # # This action accepts syslog UDP traffic. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT -ACCEPT - - udp syslog +ACCEPT - - udp 514 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall/action.DropEdonkey b/Shorewall/action.DropEdonkey index a2f966e36..8e76e6148 100644 --- a/Shorewall/action.DropEdonkey +++ b/Shorewall/action.DropEdonkey @@ -1,12 +1,11 @@ # -# Shorewall 2.0 /etc/shorewall/action.DropEdonkey +# Shorewall action.DropEdonkey # # This action silently drops Edonkey Traffic. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT -# PORT PORT(S) LIMIT GROUP DROP - - tcp 4662 DROP - - udp 4665 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall/action.DropGnutella b/Shorewall/action.DropGnutella index 669698411..aeec861cd 100644 --- a/Shorewall/action.DropGnutella +++ b/Shorewall/action.DropGnutella @@ -1,9 +1,9 @@ # -# Shorewall 2.0 /etc/shorewall/action.DropGnutella +# Shorewall action.DropGnutella # # This action silently drops Gnutella traffic. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT DROP - - tcp 6346 diff --git a/Shorewall/action.DropSMTP b/Shorewall/action.DropSMTP index f22174073..9ea190c9d 100644 --- a/Shorewall/action.DropSMTP +++ b/Shorewall/action.DropSMTP @@ -1,10 +1,10 @@ # -# Shorewall 2.0 /etc/shorewall/action.DropSMTP +# Shorewall action.DropSMTP # # This action silently drops SMTP traffic. # -###################################################################################### +################################################################################ #TARGET SOURCE DEST PROTO DEST SOURCE RATE # PORT PORT(S) LIMIT -DROP - - tcp smtp +DROP - - tcp 25 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE