#
# Shorewall version 3.2 - Capabilities File
#
# /etc/shorewall/capabilities
#
#	This file is used when compiling with the -e flag. It specifies
#	the capabilities of the kernel/iptables on the target system.
#	The capabilities are listed in the same order as they appear in
#	the output of "shorewall show capabilities". If the capability
#	is available, set the corresponding variable to "Yes". Otherwise
#	leave it empty.
#
# You may generate the contents of this file programatically using the
# 'shorecap' program included with your Shorewall distribution. If you
# installed using the RPM, the file will be in the Shorewall
# documentation directory. Otherwise, please find the program in the
# directory created when you expanded the Shorewall distribution tarball.

NAT_ENABLED=Yes			# NAT
MANGLE_ENABLED=Yes		# Packet Mangling
CONNTRACK_MATCH=Yes		# Connection Tracking Match
USEPKTTYPE=			# Packet Type Match
MULTIPORT=Yes			# Multi-port Match
XMULTIPORT=Yes			# Extended Multi-port Match
POLICY_MATCH=Yes		# Policy Match
PHYSDEV_MATCH=Yes		# Physdev Match
LENGTH_MATCH=Yes		# Packet Length Match
IPRANGE_MATCH=Yes		# IP range Match
RECENT_MATCH=Yes		# Recent Match
OWNER_MATCH=Yes			# Owner match
IPSET_MATCH=			# Ipset Match
CONNMARK=Yes			# CONNMARK Target
CONNMARK_MATCH=Yes		# Connmark Match
RAW_TABLE=Yes			# Raw Table
IPP2P_MATCH=			# IPP2P Match
CLASSIFY_TARGET=Yes		# CLASSIFY Target
ENHANCED_REJECT=Yes		# Extended REJECT