shorewall_code/Shorewall/action.TCPFlags
Tom Eastep 5f01bc75bd Better fix for $current_param in the INLINE block of process_rule()
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2016-03-12 18:28:27 -08:00

35 lines
792 B
Plaintext

#
# Shorewall version 5 - Drop TCPFlags Action
#
# /usr/share/shorewall/action.TCPFlags
#
# Accepts a single optional parameter:
#
# - = Do not Audit
# audit = Audit dropped packets.
#
#################################################################################
DEFAULTS -
?if @1 ne '' && @1 ne '-'
?if @1 eq 'audit'
?set tcpflags_action 'A_DROP'
?else
?error The parameter to TCPFlags must be 'audit' or '-'
?endif
?else
?set tcpflags_action 'DROP'
?endif
$tcpflags_action - - ;;+ -p 6 --tcp-flags ALL FIN,URG,PSH
$tcpflags_action - - ;;+ -p 6 --tcp-flags ALL NONE
$tcpflags_action - - ;;+ -p 6 --tcp-flags SYN,RST SYN,RST
$tcpflags_action - - ;;+ -p 6 --tcp-flags SYN,FIN SYN,FIN
$tcpflags_action - - ;;+ -p tcp --syn --sport 0