version 2.12, 2005/03/01 21:47:20 |
version 2.13, 2005/03/01 23:17:11 |
|
|
# 2004-11-14 - created |
# 2004-11-14 - created |
# |
# |
|
|
# $Platon: scripts/shell/firewall/default-firewall.conf,v 2.11 2005/01/16 15:27:15 rajo Exp $ |
# $Platon: scripts/shell/firewall/default-firewall.conf,v 2.12 2005/03/01 21:47:20 rajo Exp $ |
|
|
# uncomment next line for debugging |
# uncomment next line for debugging |
#DEBUG="echo " |
#DEBUG="echo " |
Line 53 IFACE_ACCEPT_ALL="lo tun+ tap+" |
|
Line 53 IFACE_ACCEPT_ALL="lo tun+ tap+" |
|
ALL_ACCEPT_INPUT_TCP="22" |
ALL_ACCEPT_INPUT_TCP="22" |
ALL_ACCEPT_INPUT_UDP="68" # dhcpclient |
ALL_ACCEPT_INPUT_UDP="68" # dhcpclient |
# interface eth0 |
# interface eth0 |
eth0_ACCEPT_INPUT_TCP="123 137 138 139 631 80 443 3128" |
eth0_ACCEPT_INPUT_TCP="123 137 138 139 631 80 443 3128 2220" |
# interface eth1 |
# interface eth1 |
eth1_ACCEPT_INPUT_TCP="80 6000" |
eth1_ACCEPT_INPUT_TCP="80 6000" |
# interface ppp0 |
# interface ppp0 |
Line 90 NAT_FORWARD_MICROSOFT="no" |
|
Line 90 NAT_FORWARD_MICROSOFT="no" |
|
# redirect all outgoing connections to SMTP port 25 to local server (simple virus/antispam protection) |
# redirect all outgoing connections to SMTP port 25 to local server (simple virus/antispam protection) |
# redirect all outgoing HTTP connection to transparent proxy server (squid) |
# redirect all outgoing HTTP connection to transparent proxy server (squid) |
NAT_TCP_PORT_REDIRECT="25:25 80:3128 8080:3128 1080:3128 3128:3128" |
NAT_TCP_PORT_REDIRECT="25:25 80:3128 8080:3128 1080:3128 3128:3128" |
|
|
|
# forward port 2220 from your firewall/router to local machine port 22 (ssh) |
|
# you must accept port 2220 in $eth0_ACCEPT_INPUT_TCP |
|
NAT_TCP_PORT_FORWARD="2220:192.168.0.100:22" |
|
|
# NAT only "secure" ports |
# NAT only "secure" ports |
NAT_FORWARD_TCP_PORTS="20 21 22 23 53 113 123 143 194 220 873 992 993 994 995 1241 2401 3306 3690 5190 5432 6000" |
NAT_FORWARD_TCP_PORTS="20 21 22 23 53 113 123 143 194 220 873 992 993 994 995 1241 2401 3306 3690 5190 5432 6000" |
NAT_FORWARD_UDP_PORTS="20 21 22 23 53 113 123 143 194 220 873 992 993 994 995 1241 2401 3306 3690 5190 5432 6000" |
NAT_FORWARD_UDP_PORTS="20 21 22 23 53 113 123 143 194 220 873 992 993 994 995 1241 2401 3306 3690 5190 5432 6000" |