holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Update rules file

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@28 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2002-05-18 14:16:26 +00:00
parent 44170128c2
commit e393e5d4e1
1 changed files with 14 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
Shorewall/rules
View File

@ -102,11 +102,12 @@
# specify an ADDRESS in the next column, then place "-" # specify an ADDRESS in the next column, then place "-"
# in this column. # in this column.
# #
# DEST ADDRESS (0ptional) If included and different from the IP # ORIGINAL DEST (0ptional -- only allowed if ACTION is DNAT or REDIRECT)
# If included and different from the IP
# address given in the SERVER column, this is an address # address given in the SERVER column, this is an address
# on some interface on the firewall and connections to # on some interface on the firewall and connections to
# that address will be forwarded to the IP and port # that address will be forwarded to the IP and port
# specified in the SERVER column. # specified in the DEST column.
# #
# The address may optionally be followed by # The address may optionally be followed by
# a colon (":") and a second IP address. This causes # a colon (":") and a second IP address. This causes
@ -118,32 +119,32 @@
# #
# Example: Accept SMTP requests from the DMZ to the internet # Example: Accept SMTP requests from the DMZ to the internet
# #
# #ACTION SOURCE DEST PROTO DEST SOURCE DEST # #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL
# # PORT PORT(S) ADDRESS # # PORT PORT(S) DEST
# ACCEPT dmz net tcp smtp # ACCEPT dmz net tcp smtp
# #
# Example: Forward all ssh and http connection requests from the internet # Example: Forward all ssh and http connection requests from the internet
# to local system 192.168.1.3 # to local system 192.168.1.3
# #
# #ACTION SOURCE DEST PROTO DEST SOURCE DEST # #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL
# # PORT PORT(S) ADDRESS # # PORT PORT(S) DEST
# DNAT net loc:192.168.1.3 tcp ssh,http # DNAT net loc:192.168.1.3 tcp ssh,http
# #
# Example: Redirect all locally-originating www connection requests to # Example: Redirect all locally-originating www connection requests to
# port 3128 on the firewall (Squid running on the firewall # port 3128 on the firewall (Squid running on the firewall
# system) except when the destination address is 192.168.2.2 # system) except when the destination address is 192.168.2.2
# #
# #ACTION SOURCE DEST PROTO DEST SOURCE DEST # #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL
# # PORT PORT(S) ADDRESS # # PORT PORT(S) DEST
# REDIRECT loc 3128 tcp www - !192.168.2.2 # REDIRECT loc 3128 tcp www - !192.168.2.2
# #
# Example: All http requests from the internet to address # Example: All http requests from the internet to address
# 130.252.100.69 are to be forwarded to 192.168.1.3 # 130.252.100.69 are to be forwarded to 192.168.1.3
# #
# #ACTION SOURCE DEST PROTO DEST SOURCE DEST # #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL
# # PORT PORT(S) ADDRESS # # PORT PORT(S) DEST
# DNAT net loc:192.168.1.3 tcp 80 - 130.252.100.69 # DNAT net loc:192.168.1.3 tcp 80 - 130.252.100.69
############################################################################## ##############################################################################
#ACTION SOURCE DEST PROTO DEST SOURCE DEST #ACTION SOURCE DEST PROTO DEST SOURCE NAT
# PORT PORT(S) ADDRESS # PORT PORT(S) ADDRESS(ES)
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE