Platon Technologies

File: [Platon] / scripts / shell / firewall / default-firewall.conf (download)

Revision 2.0, Sun Nov 14 15:23:09 2004 UTC (19 years, 5 months ago) by rajo

* Firewall configuration is now in config file.
* Default $INET_IFACE removed - replaced by per-interface configuration
  options.
* Fixed bug with unloading modules.
* allow_icmp() function was not called - fixed.

#!/bin/sh

#
# /etc/default/firewall
#
# Example configuration file for Linux kernel firewall
#
# Developed by Lubomir Host 'rajo' <rajo AT platon.sk>
# Copyright (c) 2004 Platon SDG, http://platon.sk/
# Licensed under terms of GNU General Public License.
# All rights reserved.
#
# Changelog:
# 2004-11-14 - created
#

# $Platon$

DEFAULT_POLICY="DROP"

# which modules to load
MODULES="ipt_LOG ipt_REJECT ip_conntrack_ftp"

# rate-limit options (iptables limit match): initial burst of 10 matches, then 12 per hour
LOG_LIMIT="-m limit --limit 12/h --limit-burst 10"

# Paths:
IPTABLES="/sbin/iptables"
#IPTABLES=":" # for testing only - does nothing
IFCONFIG="/sbin/ifconfig"
DEPMOD="/sbin/depmod"
MODPROBE="/sbin/modprobe"
RMMOD="/sbin/rmmod"
AWK="/usr/bin/awk"

# loopback interface
LO_IFACE="${LO_IFACE:=lo}"
LO_IP="IP_$LO_IFACE"

# Which ports will be allowed on INPUT (TCP connections)
ALL_ACCEPT_INPUT_TCP=""
# interface eth0
eth0_ACCEPT_INPUT_TCP="123 137 138 139 631 22 80 443 3128"
# interface eth1
eth1_ACCEPT_INPUT_TCP="22 80 6000"
# interface ppp0
ppp0_ACCEPT_INPUT_TCP=""

# Which ports will be allowed on INPUT (UDP connections)
# interface eth0
eth0_ACCEPT_INPUT_UDP="123 137 138 139 513 631"
# interface ppp0
ppp0_ACCEPT_INPUT_UDP=""


Platon Group <platon@platon.org> http://platon.org/
Copyright © 2002-2006 Platon Group