Shorewall: Difference between revisions

From Edgar BV Wiki
Jump to navigation Jump to search
New page: /etc/default/shorewall Set startup=1 In /usr/share/doc/shorewall-common/default-config make the following edits to the following files and then copy them to /etc/shorewall interfaces net...
 
No edit summary
Line 1: Line 1:
<pre>
/etc/default/shorewall
/etc/default/shorewall
Set startup=1
Set startup=1
Line 42: Line 43:
net    ipv4
net    ipv4
(above fw      firewall)
(above fw      firewall)
</pre>

Revision as of 15:02, 20 November 2008

/etc/default/shorewall
Set startup=1

In /usr/share/doc/shorewall-common/default-config
make the following edits to the following files and then copy them to /etc/shorewall

interfaces
net     eth1    82.94.91.79

modules
(no edits)

policy
fw      net     ACCEPT
net     all     DROP    info
all     all     REJECT  info

rules
(under SECTION NEW)
ACCEPT   net    fw      tcp     smtp
ACCEPT   net    fw      tcp     pop3
ACCEPT   net    fw      tcp     ssh
ACCEPT   net    fw      tcp     ftp
ACCEPT   net    fw      tcp     ftp-data
ACCEPT   net    fw      tcp     domain
ACCEPT   net    fw      udp     domain
ACCEPT   fw     net     udp     domain
ACCEPT   net    fw      tcp     http
ACCEPT   fw     net     tcp     http
ACCEPT   net    fw      tcp     https
ACCEPT   net    fw      tcp     snmp
ACCEPT   fw     net     tcp     snmp
ACCEPT   net    fw      udp     snmp
ACCEPT   fw     net     udp     snmp
ACCEPT  net     fw      tcp     143
ACCEPT  net     fw      udp     143

start
dmesg -n5

zones
net     ipv4
(above fw      firewall)