diff options
author | Holger Levsen <holger@layer-acht.org> | 2012-10-21 14:55:35 +0200 |
---|---|---|
committer | Holger Levsen <holger@layer-acht.org> | 2012-10-21 14:55:35 +0200 |
commit | 63b2dbce87c82b917cd5e0574f04d51f0cf52d4f (patch) | |
tree | c1774c227e5aa56010b7b7fa46c2dbdf4d5f1551 /etc/shorewall6/rules | |
parent | ec412beda5d3fba47597cce64aa235ffff203c36 (diff) | |
download | jenkins.debian.net-63b2dbce87c82b917cd5e0574f04d51f0cf52d4f.tar.xz |
setup shorewall(6) and let squid cache files up to 50MB
Diffstat (limited to 'etc/shorewall6/rules')
-rw-r--r-- | etc/shorewall6/rules | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/etc/shorewall6/rules b/etc/shorewall6/rules new file mode 100644 index 00000000..e051f8e0 --- /dev/null +++ b/etc/shorewall6/rules @@ -0,0 +1,28 @@ +# +# Shorewall6 version 4 - Sample Rules File for one-interface configuration. +# Copyright (C) 2006,2008 by the Shorewall Team +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# See the file README.txt for further details. +#------------------------------------------------------------------------------------------------------------ +# For information on entries in this file, type "man shorewall6-rules" +########################################################################################################################################################################### +#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME HEADERS SWITCH +# PORT PORT(S) DEST LIMIT GROUP +#SECTION ALL +#SECTION ESTABLISHED +#SECTION RELATED +SECTION NEW + +# Drop Ping from the "bad" net zone.. and prevent your log from being flooded.. + +Ping(DROP) net $FW + +# Permit all ICMP traffic FROM the firewall TO the net zone + +ACCEPT $FW net ipv6-icmp + |