Sophie: shorewall-doc-4.0.15-0.2mdvmes5 noarch

shorewall-doc-4.0.15-0.2mdvmes5.noarch.rpm

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>shorewall-rfc1918</title><link rel="stylesheet" href="html.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.73.2" /></head><body><div class="refentry" lang="en" xml:lang="en"><a id="id257171"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>rfc1918 — Shorewall file</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">/usr/share/shorewall/rfc1918</code> </p></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id257202"></a><h2>Description</h2><p>The rfc1918 file determines the handling of connections under the
    norfc1918 option in <a class="ulink" href="shorewall-interfaces.html" target="_self">shorewall-interfaces</a>(5). Do not
    modify <code class="filename">/usr/share/shorewall/rfc1918</code>; if you need to
    change norfc1918 handling, then copy
    <code class="filename">/usr/share/shorewall/rfc1918</code> to
    <code class="filename">/etc/shorewall/rfc1918</code> and modify the copy.</p><p>The released version of this file logs and drops packets from the
    three address ranges reserved by RFC 1918:</p><div class="blockquote"><blockquote class="blockquote"><pre class="programlisting">10.0.0.0/8
172.16.0.0/12
192.168.0.0/16</pre></blockquote></div><p>The columns in the file are as follows.</p><div class="variablelist"><dl><dt><span class="term"><span class="bold"><strong>SUBNET -
        <em class="replaceable"><code>address</code></em></strong></span></span></dt><dd><p>Subnet address in CIDR format.</p></dd><dt><span class="term"><span class="bold"><strong>TARGET</strong></span> - {<span class="bold"><strong>RETURN</strong></span>|<span class="bold"><strong>DROP</strong></span>|<span class="bold"><strong>logdrop</strong></span>}</span></dt><dd><p><span class="bold"><strong>RETURN</strong></span> causes packets to/from
          the specified subnet to be processed normally by the applicable
          rules and policies.</p><p><span class="bold"><strong>DROP</strong></span> causes packets from the
          specified subnet to be silently dropped.</p><p><span class="bold"><strong>logdrop</strong></span> causes packets from
          the specified subnet to be logged at the level specified by the
          RFC1918_LOG_LEVEL option in <a class="ulink" href="shorewall.conf.html" target="_self">shorewall.conf</a>(5).</p></dd></dl></div><p>Also, please see the RFC1918_STRICT option in <a class="ulink" href="shorewall.conf.html" target="_self">shorewall.conf</a>(5).</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id257334"></a><h2>FILES</h2><p>/usr/share/shorewall/rfc1918</p><p>/etc/shorewall/rfc1918</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id257347"></a><h2>See ALSO</h2><p>shorewall(8), shorewall-accounting(5), shorewall-actions(5),
    shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5),
    shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5),
    shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
    shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
    shorewall-route_rules(5), shorewall-routestopped(5), shorewall-rules(5),
    shorewall.conf(5), shorewall-tcclasses(5), shorewall-tcdevices(5),
    shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
    shorewall-zones(5)</p></div></div></body></html>