Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #
- # Shorewall version 4.0 - Sample Rules File for two-interface configuration.
- # Copyright (C) 2006,2007 by the Shorewall Team
- #
- # This library is free software; you can redistribute it and/or
- # modify it under the terms of the GNU Lesser General Public
- # License as published by the Free Software Foundation; either
- # version 2.1 of the License, or (at your option) any later version.
- #
- # See the file README.txt for further details.
- #------------------------------------------------------------------------------
- # For information about entries in this file, type "man shorewall-rules"
- ##############################################################################################################################################################################################
- #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME HEADERS SWITCH HELPER
- # PORT PORT(S) DEST LIMIT GROUP
- #SECTION ALL
- #SECTION ESTABLISHED
- #SECTION RELATED
- SECTION NEW
- # Don't allow connection pickup from the net
- Invalid(DROP) net all tcp
- # Accept DNS connections from the firewall to the network
- DNS(ACCEPT) $FW net
- DNS(ACCEPT) loc $FW
- # Permite conectarse al servidor por ssh desde la LAN y desde WAN
- SSH(ACCEPT) loc $FW
- SSH(ACCEPT) net $FW
- # Aceptar ssh desde el exterior y desde la lan
- SSH(ACCEPT) $FW net
- SSH(ACCEPT) $FW loc
- # Allow Ping from the local network
- Ping(ACCEPT) loc $FW
- # Drop Ping from the "bad" net zone.. and prevent your log from being flooded..
- Ping(DROP) net $FW
- ACCEPT $FW loc icmp
- ACCEPT $FW net icmp
- # SQUID
- ACCEPT $FW net tcp www
- ACCEPT loc $FW tcp www
- REDIRECT loc 3128 tcp www - !192.168.0.1
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement