shorewall-rfc1918

Langue: en

Autres versions - même langue

Version: 03/19/2009 (fedora - 06/07/09)

Section: 5 (Format de fichier)

Sommaire

rfc1918 - Shorewall file

Synopsis

/usr/share/shorewall/rfc1918

Description

The rfc1918 file determines the handling of connections under the norfc1918 option in m[blue]shorewall-interfacesm[][1](5). Do not modify FC/usr/share/shorewall/rfc1918F[]; if you need to change norfc1918 handling, then copy FC/usr/share/shorewall/rfc1918F[] to FC/etc/shorewall/rfc1918F[] and modify the copy.

The released version of this file logs and drops packets from the three address ranges reserved by RFC 1918:

 10.0.0.0/8
 172.16.0.0/12
 192.168.0.0/16

The columns in the file are as follows.

SUBNET - address

Subnet address in CIDR format.

TARGET - {RETURN|DROP|logdrop}

RETURN causes packets to/from the specified subnet to be processed normally by the applicable rules and policies.
DROP causes packets from the specified subnet to be silently dropped.
logdrop causes packets from the specified subnet to be logged at the level specified by the RFC1918_LOG_LEVEL option in m[blue]shorewall.confm[][2](5).

Also, please see the RFC1918_STRICT option in m[blue]shorewall.confm[][2](5).  

FILES

/usr/share/shorewall/rfc1918

/etc/shorewall/rfc1918

See ALSO

shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5), shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5), shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-route_rules(5), shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5)

Notes

1.
shorewall-interfaces
http://www.shorewall.net/manpages/shorewall-interfaces.html
2.
shorewall.conf
http://www.shorewall.net/manpages/shorewall.conf.html