diff options
author | Micah Anderson <micah@riseup.net> | 2012-06-20 16:17:37 -0400 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2012-06-20 16:17:37 -0400 |
commit | 5052233d92e97263eab292408ed2602db0836d98 (patch) | |
tree | 6e610ec18aaa13f7797eedd08b03c852e49d8cfb /files | |
parent | 4bb5d70f506fc336a1b03ea74f60506a8af3ccc2 (diff) | |
download | puppet-shorewall-5052233d92e97263eab292408ed2602db0836d98.tar.gz puppet-shorewall-5052233d92e97263eab292408ed2602db0836d98.tar.bz2 |
put config file back to immerda version
Diffstat (limited to 'files')
-rw-r--r-- | files/shorewall.conf.Debian.squeeze | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/files/shorewall.conf.Debian.squeeze b/files/shorewall.conf.Debian.squeeze index da8e29e..63b7350 100644 --- a/files/shorewall.conf.Debian.squeeze +++ b/files/shorewall.conf.Debian.squeeze @@ -1,7 +1,6 @@ #### #### Managed by puppet, modify only on the puppetmaster -#### - +### ############################################################################### # # Shorewall Version 4 -- /etc/shorewall/shorewall.conf @@ -22,7 +21,7 @@ STARTUP_ENABLED=Yes VERBOSITY=1 ############################################################################### -# L O G G I N G +# L O G G I N G ############################################################################### LOGFILE=/var/log/messages @@ -49,7 +48,7 @@ TCP_FLAGS_LOG_LEVEL=info SMURF_LOG_LEVEL=info -LOG_MARTIANS=Yes +LOG_MARTIANS=No ############################################################################### # L O C A T I O N O F F I L E S A N D D I R E C T O R I E S @@ -102,7 +101,7 @@ RCP_COMMAND='scp ${files} ${root}@${system}:${destination}' # F I R E W A L L O P T I O N S ############################################################################### -IP_FORWARDING=Keep +IP_FORWARDING=On ADD_IP_ALIASES=No @@ -118,13 +117,13 @@ TC_PRIOMAP="2 3 3 3 2 3 1 1 2 2 2 2 2 2 2 2" CLEAR_TC=Yes -MARK_IN_FORWARD_CHAIN=No +MARK_IN_FORWARD_CHAIN=Yes CLAMPMSS=No -ROUTE_FILTER=Yes +ROUTE_FILTER=No -DETECT_DNAT_IPADDRS=No +DETECT_DNAT_IPADDRS=YES MUTEX_TIMEOUT=60 @@ -136,7 +135,7 @@ DELAYBLACKLISTLOAD=No MODULE_SUFFIX=ko -DISABLE_IPV6=No +DISABLE_IPV6=Yes BRIDGING=No @@ -146,7 +145,7 @@ PKTTYPE=Yes NULL_ROUTE_RFC1918=No -MACLIST_TABLE=filter +MACLIST_TABLE=mangle MACLIST_TTL= @@ -156,7 +155,7 @@ MAPOLDACTIONS=No FASTACCEPT=No -IMPLICIT_CONTINUE=No +IMPLICIT_CONTINUE=Yes HIGH_ROUTE_MARKS=No @@ -210,8 +209,9 @@ FORWARD_CLEAR_MARK=Yes BLACKLIST_DISPOSITION=DROP -MACLIST_DISPOSITION=REJECT +MACLIST_DISPOSITION=DROP TCP_FLAGS_DISPOSITION=DROP #LAST LINE -- DO NOT REMOVE + |