shorewall-doc-4.0.15-0.2mdvmes5.noarch.rpm

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>shorewall-blacklist</title><link rel="stylesheet" href="html.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.73.2" /></head><body><div class="refentry" lang="en" xml:lang="en"><a id="id289787"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>blacklist — Shorewall Blacklist file</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">/etc/shorewall/blacklist</code> </p></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id289823"></a><h2>Description</h2><p>The blacklist file is used to perform static blacklisting. You can
    blacklist by source address (IP or MAC), or by application.</p><p>The columns in the file are as follows.</p><div class="variablelist"><dl><dt><span class="term"><span class="bold"><strong>ADDRESS/SUBNET</strong></span> - {<span class="bold"><strong>-</strong></span>|<span class="bold"><strong>~</strong></span><span class="emphasis"><em>mac-address</em></span>|<span class="emphasis"><em>ip-address</em></span>|<span class="emphasis"><em>address-range</em></span>|<span class="bold"><strong>+</strong></span><span class="emphasis"><em>ipset</em></span>}</span></dt><dd><p>Host address, network address, MAC address, IP address range
          (if your kernel and iptables contain iprange match support) or ipset
          name prefaced by "+" (if your kernel supports ipset match).</p><p>MAC addresses must be prefixed with "~" and use "-" as a
          separator.</p><p>Example: ~00-A0-C9-15-39-78</p><p>A dash ("-") in this column means that any source address will
          match. This is useful if you want to blacklist a particular
          application using entries in the PROTOCOL and PORTS columns.</p></dd><dt><span class="term"><span class="bold"><strong>PROTOCOL</strong></span> (Optional) -
        {<span class="bold"><strong>-</strong></span>|<span class="emphasis"><em>protocol-number</em></span>|<span class="emphasis"><em>protocol-name</em></span>}</span></dt><dd><p>If specified, must be a protocol number or a protocol name
          from protocols(5).</p></dd><dt><span class="term"><span class="bold"><strong>PORTS</strong></span> (Optional) - {<span class="bold"><strong>-</strong></span>|<span class="emphasis"><em>port-name-or-number</em></span>[,<span class="emphasis"><em>port-name-or-number</em></span>]...}</span></dt><dd><p>May only be specified if the protocol is TCP (6) or UDP (17).
          A comma-separated list of destination port numbers or service names
          from services(5).</p></dd></dl></div><p>When a packet arrives on an interface that has the <span class="bold"><strong>blacklist</strong></span> option specified in <a class="ulink" href="shorewall-interfaces.html" target="_self">shorewall-interfaces</a>(5), its
    source IP address and MAC address are checked against this file and
    disposed of according to the <span class="bold"><strong>BLACKLIST_DISPOSITION</strong></span> and <span class="bold"><strong>BLACKLIST_LOGLEVEL</strong></span> variables in <a class="ulink" href="shorewall.conf.html" target="_self">shorewall.conf</a>(5). If <span class="bold"><strong>PROTOCOL</strong></span>, or <span class="bold"><strong>PROTOCOL</strong></span> and <span class="bold"><strong>PORTS</strong></span>,
    are supplied, only packets matching the protocol (and one of the ports, if
    <span class="bold"><strong>PORTS</strong></span> is supplied) are blocked.</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id257377"></a><h2>Example</h2><div class="variablelist"><dl><dt><span class="term">Example 1:</span></dt><dd><p>To block DNS queries from address 192.0.2.126:</p><pre class="programlisting">        #ADDRESS/SUBNET         PROTOCOL        PORT
        192.0.2.126             udp             53</pre></dd><dt><span class="term">Example 2:</span></dt><dd><p>To block some of the nuisance applications:</p><pre class="programlisting">        #ADDRESS/SUBNET         PROTOCOL        PORT
        -                       udp             1024:1033,1434
        -                       tcp             57,1433,1434,2401,2745,3127,3306,3410,4899,5554,6101,8081,9898</pre></dd></dl></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id258244"></a><h2>FILES</h2><p>/etc/shorewall/blacklist</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id258255"></a><h2>See ALSO</h2><p><a class="ulink" href="http://shorewall.net/blacklisting_support.htm" target="_self">http://shorewall.net/blacklisting_support.htm</a></p><p>shorewall(8), shorewall-accounting(5), shorewall-actions(5),
    shorewall-hosts(5), shorewall-interfaces(5), shorewall-ipsec(5),
    shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5),
    shorewall-netmap(5), shorewall-params(5), shorewall-policy(5),
    shorewall-providers(5), shorewall-proxyarp(5), shorewall-route_routes(5),
    shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5),
    shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5),
    shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5)</p></div></div></body></html>
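The column rules and match semantics described above, as an added example (Python; not Shorewall's own code): a linter that enforces the "~" MAC format and the PORTS-only-with-tcp/udp rule, plus a dry-run matcher showing how PROTOCOL and PORTS narrow an address match. The SAMPLE file is constructed, service names are not resolved, and "+ipset" entries are accepted but never match because set membership cannot be evaluated offline.

```python
# Added example (not Shorewall's own code): lint an /etc/shorewall/blacklist file against
# the column rules documented above, then dry-run packets against the parsed entries.
# SAMPLE is constructed; service names are not resolved and "+ipset" entries never match.
import ipaddress, re

MAC_RE = re.compile(r"^~([0-9A-Fa-f]{2}-){5}[0-9A-Fa-f]{2}$")
SAMPLE = """\
#ADDRESS/SUBNET         PROTOCOL        PORT
192.0.2.126             udp             53
~00-A0-C9-15-39-78
-                       udp             1024:1033,1434
192.0.2.200             icmp            8      # PORTS with icmp: rejected
"""

def parse_blacklist(text):
    entries, errors = [], []              # entries: (address, protocol, ports)
    for lineno, raw in enumerate(text.splitlines(), 1):
        cols = raw.split("#", 1)[0].split()
        if not cols:
            continue
        addr, proto, ports = (cols + ["-", "-"])[:3]
        proto = {"6": "tcp", "17": "udp"}.get(proto, proto.lower())  # number -> name
        if addr.startswith("~") and not MAC_RE.match(addr):
            errors.append((lineno, "MAC must be ~xx-xx-xx-xx-xx-xx"))
        elif ports != "-" and proto not in ("tcp", "udp"):
            errors.append((lineno, "PORTS only valid with tcp (6) or udp (17)"))
        else:
            entries.append((addr, proto, ports))
    return entries, errors

def _addr_matches(spec, src_ip, src_mac):
    if spec == "-":                       # dash: any source address matches
        return True
    if spec.startswith("~"):              # MAC entry, compared case-insensitively
        return src_mac is not None and spec[1:].lower() == src_mac.replace(":", "-").lower()
    if spec.startswith("+"):              # ipset membership is unknown offline
        return False
    if "-" in spec:                       # iprange a.b.c.d-e.f.g.h
        lo, hi = (ipaddress.ip_address(x) for x in spec.split("-", 1))
        return lo <= ipaddress.ip_address(src_ip) <= hi
    return ipaddress.ip_address(src_ip) in ipaddress.ip_network(spec, strict=False)

def _port_matches(spec, dport):           # "53", "1024:1033", comma-separated
    return any(int(lo) <= dport <= int(hi or lo)
               for lo, _, hi in (item.partition(":") for item in spec.split(",")))

def is_blacklisted(entries, src_ip, proto, dport=None, src_mac=None):  # dry-run match
    return any(_addr_matches(addr, src_ip, src_mac) and p in ("-", proto)
               and (ports == "-" or (dport is not None and _port_matches(ports, dport)))
               for addr, p, ports in entries)
```

Run the linter over a real file before `shorewall restart`: an entry that is rejected here is one the generated iptables rules would otherwise silently mis-describe or fail to load.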