forked from extern/shorewall_code
da393cf2ea
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1200 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
59 lines
2.0 KiB
INI
59 lines
2.0 KiB
INI
#
|
|
# Shorewall 2.0 - /etc/shorewall/hosts
|
|
#
|
|
# THE ONLY TIME YOU NEED THIS FILE IS WHERE YOU HAVE MORE THAN
|
|
# ONE ZONE CONNECTED THROUGH A SINGLE INTERFACE.
|
|
#
|
|
# IF YOU DON'T HAVE THAT SITUATION THEN DON'T TOUCH THIS FILE.
|
|
#
|
|
# This file is used to define zones in terms of subnets and/or
|
|
# individual IP addresses. Most simple setups don't need to
|
|
# (should not) place anything in this file.
|
|
#
|
|
# ZONE - The name of a zone defined in /etc/shorewall/zones
|
|
#
|
|
# HOST(S) - The name of an interface defined in the
|
|
# /etc/shorewall/interfaces file followed by a colon (":") and
|
|
# a comma-separated list whose elements are either:
|
|
#
|
|
# a) The IP address of a host
|
|
# b) A subnetwork in the form
|
|
# <subnet-address>/<mask width>
|
|
# c) A physical port name; only allowed when the
|
|
# interface names a bridge created by the
|
|
# brctl addbr command. This port must not
|
|
# be defined in /etc/shorewall/interfaces and may
|
|
# optionally followed by a colon (":") and a
|
|
# host or network IP.
|
|
# See http://www.shorewall.net/Bridge.html for details.
|
|
#
|
|
# Examples:
|
|
#
|
|
# eth1:192.168.1.3
|
|
# eth2:192.168.2.0/24
|
|
# eth3:192.168.2.0/24,192.168.3.1
|
|
# br0:eth4
|
|
# br0:eth0:192.168.1.16/28
|
|
#
|
|
# OPTIONS - A comma-separated list of options. Currently-defined
|
|
# options are:
|
|
#
|
|
# maclist - Connection requests from these hosts
|
|
# are compared against the contents of
|
|
# /etc/shorewall/maclist. If this option
|
|
# is specified, the interface must be
|
|
# an ethernet NIC and must be up before
|
|
# Shorewall is started.
|
|
#
|
|
# routeback - Shorewall show set up the infrastructure
|
|
# to pass packets from this/these
|
|
# address(es) back to themselves. This is
|
|
# necessary of hosts in this group use the
|
|
# services of a transparent proxy that is
|
|
# a member of the group or if DNAT is used
|
|
# to send requests originating from this
|
|
# group to a server in the group.
|
|
#
|
|
#ZONE HOST(S) OPTIONS
|
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS LINE -- DO NOT REMOVE
|