forked from extern/shorewall_code
af87d30b67
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
40 lines
1.4 KiB
Plaintext
40 lines
1.4 KiB
Plaintext
#
|
|
# Shorewall 1.2 -- Policy File
|
|
#
|
|
# /etc/shorewall/policy
|
|
#
|
|
# This file determines what to do with a new connection request if we
|
|
# don't get a match from the /etc/shorewall/rules file. For each
|
|
# client/server pair, the file is processed in order until a match is
|
|
# found ("all" will match any client or server).
|
|
#
|
|
# Columns are:
|
|
#
|
|
# CLIENT Location of client. Must be the name of a zone defined
|
|
# in /etc/shorewall/zones, "fw" or "all".
|
|
#
|
|
# SERVER Location of server. Must be the name of a zone defined
|
|
# in /etc/shorewall/zones, "fw" or "all"
|
|
#
|
|
# POLICY Policy if no match from the rules file is found. Must
|
|
# be "ACCEPT", "DENY", "REJECT"
|
|
#
|
|
# LOG LEVEL If supplied, each connection handled under the default
|
|
# POLICY is logged at that level. If not supplied, no
|
|
# log message is generated. See syslog.conf(5) for a
|
|
# description of log levels.
|
|
#
|
|
# As shipped, the default policies are:
|
|
#
|
|
# a) All connections from the local network to the internet are allowed
|
|
# b) All connections from the network are ignored but logged at syslog
|
|
# level KERNEL.INFO.
|
|
# d) All other connection requests are rejected and logged at level
|
|
# KERNEL.INFO.
|
|
###############################################################################
|
|
#CLIENT SERVER POLICY LOG LEVEL
|
|
fw net ACCEPT
|
|
net all DROP info
|
|
all all REJECT info
|
|
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
|