Commit 60c4b5fa authored by am's avatar am
Browse files

default von http://www.shorewall.net/3.0/XenMyWay.html


git-svn-id: https://svn/ipuppet/trunk/modules/shorewall@105 d66ca3ae-40d7-4aa7-90d4-87d79ca94279
parent a33d5afb
......@@ -105,9 +105,9 @@ RCP_COMMAND='scp ${files} ${root}@${system}:${destination}'
# F I R E W A L L O P T I O N S
###############################################################################
IP_FORWARDING=Keep
IP_FORWARDING=On
ADD_IP_ALIASES=Yes
ADD_IP_ALIASES=No
ADD_SNAT_ALIASES=No
......@@ -119,13 +119,13 @@ TC_EXPERT=No
CLEAR_TC=Yes
MARK_IN_FORWARD_CHAIN=No
MARK_IN_FORWARD_CHAIN=Yes
CLAMPMSS=No
CLAMPMSS=Yes
ROUTE_FILTER=Yes
ROUTE_FILTER=No
DETECT_DNAT_IPADDRS=No
DETECT_DNAT_IPADDRS=Yes
MUTEX_TIMEOUT=60
......@@ -143,19 +143,19 @@ BRIDGING=No
DYNAMIC_ZONES=No
PKTTYPE=Yes
PKTTYPE=No
RFC1918_STRICT=No
RFC1918_STRICT=Yes
MACLIST_TABLE=filter
MACLIST_TABLE=mangle
MACLIST_TTL=
MACLIST_TTL=60
SAVE_IPSETS=No
MAPOLDACTIONS=No
FASTACCEPT=No
FASTACCEPT=Yes
IMPLICIT_CONTINUE=Yes
......@@ -173,7 +173,7 @@ EXPORTPARAMS=Yes
BLACKLIST_DISPOSITION=DROP
MACLIST_DISPOSITION=REJECT
MACLIST_DISPOSITION=DROP
TCP_FLAGS_DISPOSITION=DROP
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment