summaryrefslogtreecommitdiffstats
path: root/etc/shorewall
diff options
context:
space:
mode:
Diffstat (limited to 'etc/shorewall')
-rw-r--r--etc/shorewall/interfaces19
-rw-r--r--etc/shorewall/params28
-rw-r--r--etc/shorewall/policy18
-rw-r--r--etc/shorewall/rules31
-rw-r--r--etc/shorewall/shorewall.conf249
-rw-r--r--etc/shorewall/zones17
6 files changed, 0 insertions, 362 deletions
diff --git a/etc/shorewall/interfaces b/etc/shorewall/interfaces
deleted file mode 100644
index 21cad8cc..00000000
--- a/etc/shorewall/interfaces
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# Shorewall version 4.0 - Sample Interfaces File for one-interface configuration.
-# Copyright (C) 2006 by the Shorewall Team
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-#
-# See the file README.txt for further details.
-#------------------------------------------------------------------------------
-# For information about entries in this file, type "man shorewall-interfaces"
-###############################################################################
-FORMAT 2
-###############################################################################
-#ZONE INTERFACE OPTIONS
-net eth0 dhcp,tcpflags,logmartians,nosmurfs,sourceroute=0
-# to be safe in case of interface renamings..
-net eth1 dhcp,tcpflags,logmartians,nosmurfs,sourceroute=0
diff --git a/etc/shorewall/params b/etc/shorewall/params
deleted file mode 100644
index a60512b4..00000000
--- a/etc/shorewall/params
+++ /dev/null
@@ -1,28 +0,0 @@
-#
-# Shorewall version 4 - Params File
-#
-# /etc/shorewall/params
-#
-# Assign any variables that you need here.
-#
-# It is suggested that variable names begin with an upper case letter
-# to distinguish them from variables used internally within the
-# Shorewall programs
-#
-# Example:
-#
-# NET_IF=eth0
-# NET_BCAST=130.252.100.255
-# NET_OPTIONS=routefilter,norfc1918
-#
-# Example (/etc/shorewall/interfaces record):
-#
-# net $NET_IF $NET_BCAST $NET_OPTIONS
-#
-# The result will be the same as if the record had been written
-#
-# net eth0 130.252.100.255 routefilter,norfc1918
-#
-###############################################################################
-
-#LAST LINE -- DO NOT REMOVE
diff --git a/etc/shorewall/policy b/etc/shorewall/policy
deleted file mode 100644
index b6edc636..00000000
--- a/etc/shorewall/policy
+++ /dev/null
@@ -1,18 +0,0 @@
-#
-# Shorewall version 4.0 - Sample Policy File for one-interface configuration.
-# Copyright (C) 2006 by the Shorewall Team
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-#
-# See the file README.txt for further details.
-#-----------------------------------------------------------------------------
-# For information about entries in this file, type "man shorewall-policy"
-###############################################################################
-#SOURCE DEST POLICY LOG LEVEL LIMIT:BURST
-$FW net ACCEPT
-net all DROP info
-# The FOLLOWING POLICY MUST BE LAST
-all all REJECT info
diff --git a/etc/shorewall/rules b/etc/shorewall/rules
deleted file mode 100644
index 1b7c8ffe..00000000
--- a/etc/shorewall/rules
+++ /dev/null
@@ -1,31 +0,0 @@
-#
-# Shorewall version 4.0 - Sample Rules File for one-interface configuration.
-# Copyright (C) 2006 by the Shorewall Team
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-#
-# See the file README.txt for further details.
-#------------------------------------------------------------------------------------------------------------
-# For information on entries in this file, type "man shorewall-rules"
-######################################################################################################################################################################################
-#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME HEADERS SWITCH
-# PORT PORT(S) DEST LIMIT GROUP
-#SECTION ALL
-#SECTION ESTABLISHED
-#SECTION RELATED
-SECTION NEW
-
-# Drop Ping from the "bad" net zone.. and prevent your log from being flooded..
-#Ping(DROP) net $FW
-
-# Permit all ICMP traffic FROM the firewall TO the net zone
-ACCEPT net $FW icmp
-ACCEPT $FW net icmp
-
-# incoming http and ssh are allowed
-ACCEPT net $FW tcp 80,443
-ACCEPT net $FW tcp 22
-
diff --git a/etc/shorewall/shorewall.conf b/etc/shorewall/shorewall.conf
deleted file mode 100644
index f491c51b..00000000
--- a/etc/shorewall/shorewall.conf
+++ /dev/null
@@ -1,249 +0,0 @@
-###############################################################################
-#
-# Shorewall version 4.0 - Sample shorewall.conf for one-interface
-# configuration.
-# Copyright (C) 2006 by the Shorewall Team
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-#
-# See the file README.txt for further details.
-#
-# For information about the settings in this file, type "man shorewall.conf"
-#
-# The manpage is also online at
-# http://shorewall.net/manpages/shorewall.conf.html
-#
-###############################################################################
-# S T A R T U P E N A B L E D
-###############################################################################
-
-STARTUP_ENABLED=Yes
-
-###############################################################################
-# V E R B O S I T Y
-###############################################################################
-
-VERBOSITY=1
-
-###############################################################################
-# L O G G I N G
-###############################################################################
-
-BLACKLIST_LOGLEVEL=
-
-LOG_MARTIANS=Yes
-
-LOG_VERBOSITY=2
-
-LOGALLNEW=
-
-LOGFILE=/var/log/messages
-
-LOGFORMAT="Shorewall:%s:%s:"
-
-LOGTAGONLY=No
-
-LOGLIMIT=
-
-MACLIST_LOG_LEVEL=info
-
-RELATED_LOG_LEVEL=
-
-SFILTER_LOG_LEVEL=info
-
-SMURF_LOG_LEVEL=info
-
-STARTUP_LOG=/var/log/shorewall-init.log
-
-TCP_FLAGS_LOG_LEVEL=info
-
-###############################################################################
-# L O C A T I O N O F F I L E S A N D D I R E C T O R I E S
-###############################################################################
-
-CONFIG_PATH=${CONFDIR}/shorewall:${SHAREDIR}/shorewall
-
-GEOIPDIR=/usr/share/xt_geoip/LE
-
-IPTABLES=
-
-IP=
-
-IPSET=
-
-LOCKFILE=
-
-MODULESDIR=
-
-PERL=/usr/bin/perl
-
-PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
-
-RESTOREFILE=restore
-
-SHOREWALL_SHELL=/bin/sh
-
-SUBSYSLOCK=
-
-TC=
-
-###############################################################################
-# D E F A U L T A C T I O N S / M A C R O S
-###############################################################################
-
-ACCEPT_DEFAULT="none"
-DROP_DEFAULT="Drop"
-NFQUEUE_DEFAULT="none"
-QUEUE_DEFAULT="none"
-REJECT_DEFAULT="Reject"
-
-###############################################################################
-# R S H / R C P C O M M A N D S
-###############################################################################
-
-RCP_COMMAND='scp ${files} ${root}@${system}:${destination}'
-RSH_COMMAND='ssh ${root}@${system} ${command}'
-
-###############################################################################
-# F I R E W A L L O P T I O N S
-###############################################################################
-
-ACCOUNTING=Yes
-
-ACCOUNTING_TABLE=filter
-
-ADD_IP_ALIASES=No
-
-ADD_SNAT_ALIASES=No
-
-ADMINISABSENTMINDED=Yes
-
-AUTO_COMMENT=Yes
-
-AUTOMAKE=No
-
-BLACKLISTNEWONLY=Yes
-
-CLAMPMSS=No
-
-CLEAR_TC=Yes
-
-COMPLETE=No
-
-DISABLE_IPV6=No
-
-DELETE_THEN_ADD=Yes
-
-DETECT_DNAT_IPADDRS=No
-
-DONT_LOAD=
-
-DYNAMIC_BLACKLIST=Yes
-
-EXPAND_POLICIES=Yes
-
-EXPORTMODULES=Yes
-
-FASTACCEPT=No
-
-FORWARD_CLEAR_MARK=
-
-IMPLICIT_CONTINUE=No
-
-IPSET_WARNINGS=Yes
-
-IP_FORWARDING=Off
-
-KEEP_RT_TABLES=No
-
-LOAD_HELPERS_ONLY=Yes
-
-LEGACY_FASTSTART=No
-
-MACLIST_TABLE=filter
-
-MACLIST_TTL=
-
-MANGLE_ENABLED=Yes
-
-MAPOLDACTIONS=No
-
-MARK_IN_FORWARD_CHAIN=No
-
-MODULE_SUFFIX=ko
-
-MULTICAST=No
-
-MUTEX_TIMEOUT=60
-
-NULL_ROUTE_RFC1918=No
-
-OPTIMIZE=1
-
-OPTIMIZE_ACCOUNTING=No
-
-REQUIRE_INTERFACE=No
-
-RESTORE_DEFAULT_ROUTE=Yes
-
-RETAIN_ALIASES=No
-
-ROUTE_FILTER=No
-
-SAVE_IPSETS=No
-
-TC_ENABLED=Internal
-
-TC_EXPERT=No
-
-TC_PRIOMAP="2 3 3 3 2 3 1 1 2 2 2 2 2 2 2 2"
-
-TRACK_PROVIDERS=Yes
-
-USE_DEFAULT_RT=No
-
-USE_PHYSICAL_NAMES=No
-
-ZONE2ZONE=2
-
-###############################################################################
-# P A C K E T D I S P O S I T I O N
-###############################################################################
-
-BLACKLIST_DISPOSITION=DROP
-
-MACLIST_DISPOSITION=REJECT
-
-RELATED_DISPOSITION=ACCEPT
-
-SMURF_DISPOSITION=DROP
-
-SFILTER_DISPOSITION=DROP
-
-TCP_FLAGS_DISPOSITION=DROP
-
-################################################################################
-# P A C K E T M A R K L A Y O U T
-################################################################################
-
-TC_BITS=
-
-PROVIDER_BITS=
-
-PROVIDER_OFFSET=
-
-MASK_BITS=
-
-ZONE_BITS=0
-
-################################################################################
-# L E G A C Y O P T I O N
-# D O N O T D E L E T E O R A L T E R
-################################################################################
-
-IPSECFILE=zones
-
-#LAST LINE -- DO NOT REMOVE
diff --git a/etc/shorewall/zones b/etc/shorewall/zones
deleted file mode 100644
index 5084ff11..00000000
--- a/etc/shorewall/zones
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Shorewall version 4.0 - Sample Zones File for one-interface configuration.
-# Copyright (C) 2006 by the Shorewall Team
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-#
-# See the file README.txt for further details.
-#-----------------------------------------------------------------------------
-# For information about entries in this file, type "man shorewall-zones"
-###############################################################################
-#ZONE TYPE OPTIONS IN OUT
-# OPTIONS OPTIONS
-fw firewall
-net ipv4