shorewall_code/Shorewall6/actions.std
Tom Eastep f7bdb71aad Add an Established action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
2013-01-27 15:40:53 -08:00

37 lines
1.6 KiB
Plaintext

#
# Shorewall6 version 4 - Actions.std File
#
# /usr/share/shorewall6/actions.std
#
# Please see http://shorewall.net/Actions.html for additional
# information.
#
# Builtin Actions are:
#
# allowBcasts # Accept multicast and anycast packets
# dropBcasts # Silently Drop multicast and anycast packets
# dropNotSyn # Silently Drop Non-syn TCP packets
# rejNotSyn # Silently Reject Non-syn TCP packets
# dropInvalid # Silently Drop packets that are in the INVALID
# # conntrack state.
# allowInvalid # Accept packets that are in the INVALID
# # conntrack state.
#
###############################################################################
#ACTION
A_Drop # Audited Default Action for DROP policy
A_Reject # Audited Default Action for REJECT policy
A_AllowICMPs # Audited Accept needed ICMP6 types
AllowICMPs # Accept needed ICMP6 types
Broadcast noinline # Handles Broadcast/Multicast/Anycast
Drop # Default Action for DROP policy
DropSmurfs noinline # Handles packets with a broadcast source address
Established nolinline # Handles packets in the ESTABLISHED state
Invalid noinline # Handles packets in the INVALID conntrack state
NotSyn noinline # Handles TCP packets that do not have SYN=1 and ACK=0
Reject # Default Action for REJECT policy
Related noinline # Handles packets in the RELATED conntrack state
RST noinline # Handle packets with RST set
TCPFlags noinline # Handles bad flags combinations
Untracked noinline # Handles packets in the UNTRACKED conntrack state