/etc/shorewall/rules #Transparent proxy REDIRECT loc 3128 tcp www - ACCEPT $FW net tcp www
#Accept DNS connections from the firewall to the network DNS/ACCEPT $FW net DNS/ACCEPT net $FW DNS/ACCEPT loc net DNS/ACCEPT $FW loc DNS/ACCEPT loc $FW #Accept SSH connections from local network for administration SSH/ACCEPT loc $FW SSH/ACCEPT net $FW SSH/ACCEPT loc net SSH/ACCEPT $FW loc #Allow Ping from local network Ping/ACCEPT loc $FW #Reject Ping from "bad" net zone.. and prevent your log from being flooded.. #Ping/REJECT net $FW ACCEPT $FW loc icmp ACCEPT $FW net icmp ACCEPT loc $FW icmp #Web Web/ACCEPT loc net #Mail POP3/ACCEPT loc net SMTP/ACCEPT loc net ICQ/ACCEPT loc net #others rules ACCEPT loc net tcp 2082,2095 ACCEPT loc net tcp 5050 ACCEPT loc net udp 5050 ACCEPT loc net tcp 5010 ACCEPT loc $FW tcp 25 ACCEPT net $FW tcp 443 ACCEPT net $FW udp 6277 ACCEPT loc $FW tcp 5050 ACCEPT $FW loc tcp 5050 ACCEPT loc $FW udp 5050 ACCEPT fw loc udp 5050 /etc/shorewall/interfaces #ZONE INTERFACE BROADCAST OPTIONS net eth0 detect loc eth1 detect #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE /etc/shorewall/zones #ZONE TYPE OPTIONS IN OUT # OPTIONS OPTIONS fw firewall net ipv4 loc ipv4 #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE /etc/shorewall/masq #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC eth0 eth1 #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE -------------------------------------------------------------- This mail sent through Bina Nusantara Student Webmail Services (http://webmail.student.binus.ac.id) -- FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab Unsubscribe: kirim email ke [EMAIL PROTECTED] Arsip dan info milis selengkapnya di http://linux.or.id/milis
