holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Remove Multicast from the shorewall6.conf samples

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2017-03-09 13:16:52 -08:00
parent c7a3104bdb
commit e17f22e85d
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/Actions.xml
View File

@ -351,8 +351,8 @@ ACCEPT - - tcp 135,139,445</programlisting>
</varlistentry>
</variablelist>
<para>The recommended settings for the 6 policy actions for IPv4 are:
</para>
<para>The recommended settings for the 6 policy actions for IPv4
are:</para>
<programlisting> ACCEPT_DEFAULT=none
BLACKLIST_DEFAULT="Broadcast(DROP),Multicast(DROP),dropNotSyn:$LOG_LEVEL,dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL"
@ -365,11 +365,11 @@ ACCEPT - - tcp 135,139,445</programlisting>
<para>The recommended settings for IPv6 are:</para>
<programlisting> ACCEPT_DEFAULT=none
BLACKLIST_DEFAULT="AllowICMPs,Broadcast(DROP),Multicast(DROP),dropNotSyn:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL"
DROP_DEFAULT="AllowICMPs,Broadcast(DROP),Multicast(DROP)"
BLACKLIST_DEFAULT="AllowICMPs,Broadcast(DROP),dropNotSyn:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL"
DROP_DEFAULT="AllowICMPs,Broadcast(DROP)"
NFQUEUE_DEFAULT=none
QUEUE_DEFAULT=none
REJECT_DEFAULT="AllowICMPs,Broadcast(DROP),Multicast(DROP)"
REJECT_DEFAULT="AllowICMPs,Broadcast(DROP)"
</programlisting>
<para>Note that in both cases, logging occurs based on the setting of