Différences

Ci-dessous, les différences entre deux révisions de la page.

--- informatique:reseau:shorewall [12/03/2021 18:00] – cyrille
+++ informatique:reseau:shorewall [12/03/2021 18:02] (Version actuelle) – cyrille
@@ Ligne 21: / Ligne 21: @@
 net eth0 dhcp,tcpflags,logmartians,nosmurfs
 lan eth1
+</code>
+<code>
+$ cat /etc/shorewall/zones
+# Shorewall -- /etc/shorewall/zones
+#
+# For information about this file, type "man shorewall-zones"
+#
+# The manpage is also online at
+# http://www.shorewall.net/manpages/shorewall-zones.html
+#
+###############################################################################
+#ZONE		TYPE		OPTIONS		IN_OPTIONS	OUT_OPTIONS
+fw		firewall
+net	ipv4
+lan	ipv4
+</code>
+<code>
+$ cat /etc/shorewall/policy
+#
+# Shorewall -- /etc/shorewall/policy
+#
+# For information about entries in this file, type "man shorewall-policy"
+#
+# The manpage is also online at
+# http://www.shorewall.net/manpages/shorewall-policy.html
+#
+###############################################################################
+#SOURCE		DEST		POLICY	LOGLEVEL	RATE	CONNLIMIT
+$FW		net		ACCEPT
+net		all		DROP	info
+lan		all		ACCEPT	info
+# The FOLLOWING POLICY MUST BE LAST
+all		all		REJECT	info
+</code>
+<code>
+$ cat /etc/shorewall/rules
+#
+# Shorewall -- /etc/shorewall/rules
+#
+# For information on the settings in this file, type "man shorewall-rules"
+#
+# The manpage is also online at
+# http://www.shorewall.net/manpages/shorewall-rules.html
+#
+##############################################################################################################################################################
+#ACTION		SOURCE		DEST		PROTO	DPORT	SPORT	ORIGDEST	RATE	USER	MARK	CONNLIMIT	TIME	HEADERS	SWITCH	HELPER
+?SECTION ALL
+?SECTION ESTABLISHED
+?SECTION RELATED
+?SECTION INVALID
+?SECTION UNTRACKED
+?SECTION NEW
+ACCEPT	net	$FW	icmp	8
+ACCEPT	net	$FW	tcp	22
+ACCEPT	net	$FW	tcp	80
+ACCEPT	net	$FW	tcp	443
 </code>