2015-07-28 11:47:30 +02:00
|
|
|
#
|
|
|
|
|
# Shorewall version 4 - Rules File
|
|
|
|
|
#
|
|
|
|
|
# For information on the settings in this file, type "man shorewall-rules"
|
|
|
|
|
#
|
|
|
|
|
# The manpage is also online at
|
|
|
|
|
# http://www.shorewall.net/manpages/shorewall-rules.html
|
|
|
|
|
#
|
|
|
|
|
######################################################################################################################################################################################################
|
|
|
|
|
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME HEADERS SWITCH HELPER
|
|
|
|
|
# PORT PORT(S)DEST LIMIT GROUP
|
|
|
|
|
?SECTION ALL
|
|
|
|
|
?SECTION ESTABLISHED
|
|
|
|
|
?SECTION RELATED
|
|
|
|
|
?SECTION INVALID
|
|
|
|
|
?SECTION UNTRACKED
|
|
|
|
|
?SECTION NEW
|
|
|
|
|
Invalid(DROP) net $FW tcp
|
2015-07-28 13:13:26 +02:00
|
|
|
Invalid(DROP) net dock tcp
|
|
|
|
|
Invalid(DROP) net dock udp
|
|
|
|
|
#SSH(ACCEPT) net $FW
|
2015-07-28 11:47:30 +02:00
|
|
|
# on a server you would obviously want to accept here
|
2015-07-28 13:13:26 +02:00
|
|
|
#Ping(ACCEPT) net $FW
|
