# # Shorewall version 4 - SANE Macro # # /usr/share/shorewall/macro.SANE # # This macro handles SANE network scanning. # ############################################################################### ?FORMAT 2 ############################################################################### #ACTION SOURCE DEST PROTO DEST SOURCE ORIGIN RATE USER/ # PORT(S) PORT(S) DEST LIMIT GROUP ?if ( __CT_TARGET && ! $AUTOHELPERS && __SANE_HELPER ) PARAM - - tcp 6566 { helper=sane } ?else PARAM - - tcp 6566 ?endif # # Kernels 2.6.23+ has nf_conntrack_sane module which will handle # sane data connection. # # If you don't have sane conntracking support you need to open whole dynamic # port range. # # This is for normal linux 2.4+ #PARAM - - tcp 32768:61000 # This is generic rule for any os running saned. #PARAM - - tcp 1024: