holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add sample action to shorewall.conf manpage.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2013-09-01 12:20:44 -07:00
parent 67603c5eb3
commit dcff4fad37
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Shorewall/manpages/shorewall.conf.xml
View File

@ -2135,6 +2135,26 @@ LOG:info:,bar net fw</programlisting>
it's name in this option. The <emphasis role="bold">nolog</emphasis> it's name in this option. The <emphasis role="bold">nolog</emphasis>
option will automatically be assumed for the specified option will automatically be assumed for the specified
<replaceable>action</replaceable>.</para> <replaceable>action</replaceable>.</para>
<para>The following action implements the standard behavior:</para>
<programlisting>?format 2
#TARGET SOURCE DEST PROTO
Broadcast(DROP) - - -
DROP - - 2
INLINE - - 6 ; -j REJECT --reject-with tcp-reset
?if __ENHANCED_REJECT
INLINE - - 17 ; -j REJECT
?if __IPV4
INLINE - - 1 ; -j REJECT --reject-with icmp-host-unreachable
INLINE - - - ; -j REJECT --reject-with icmp-host-prohibited
?else
INLINE - - 58 ; -j REJECT --reject-with icmp6-addr-unreachable
INLINE - - - ; -j REJECT --reject-with icmp6-adm-prohibited
?endif
?else
INLINE - - - ; -j REJECT
?endif</programlisting>
</listitem> </listitem>
</varlistentry> </varlistentry>