1 files changed, 15 insertions, 10 deletions

diff --git a/files/shorewall.conf.Debian.squeeze b/files/shorewall.conf.Debian.squeeze
index 63b7350..5c57b04 100644
--- a/files/shorewall.conf.Debian.squeeze
+++ b/files/shorewall.conf.Debian.squeeze
@@ -1,6 +1,3 @@
-####
-#### Managed by puppet, modify only on the puppetmaster
-###
 ###############################################################################
 #
 #  Shorewall Version 4 -- /etc/shorewall/shorewall.conf
@@ -48,7 +45,7 @@ TCP_FLAGS_LOG_LEVEL=info
 
 SMURF_LOG_LEVEL=info
 
-LOG_MARTIANS=No
+LOG_MARTIANS=Yes
 
 ###############################################################################
 #	L O C A T I O N	  O F	F I L E S   A N D   D I R E C T O R I E S
@@ -101,7 +98,7 @@ RCP_COMMAND='scp ${files} ${root}@${system}:${destination}'
 #			F I R E W A L L	  O P T I O N S
 ###############################################################################
 
-IP_FORWARDING=On
+IP_FORWARDING=Keep
 
 ADD_IP_ALIASES=No
 
@@ -117,6 +114,14 @@ TC_PRIOMAP="2 3 3 3 2 3 1 1 2 2 2 2 2 2 2 2"
 
 CLEAR_TC=Yes
 
+MARK_IN_FORWARD_CHAIN=No
+
+CLAMPMSS=No
+
+ROUTE_FILTER=Yes
+
+DETECT_DNAT_IPADDRS=No
+=======
 MARK_IN_FORWARD_CHAIN=Yes
 
 CLAMPMSS=No
@@ -124,6 +129,7 @@ CLAMPMSS=No
 ROUTE_FILTER=No
 
 DETECT_DNAT_IPADDRS=YES
+>>>>>>> immerda/master
 
 MUTEX_TIMEOUT=60
 
@@ -135,7 +141,7 @@ DELAYBLACKLISTLOAD=No
 
 MODULE_SUFFIX=ko
 
-DISABLE_IPV6=Yes
+DISABLE_IPV6=No
 
 BRIDGING=No
 
@@ -145,7 +151,7 @@ PKTTYPE=Yes
 
 NULL_ROUTE_RFC1918=No
 
-MACLIST_TABLE=mangle
+MACLIST_TABLE=filter
 
 MACLIST_TTL=
 
@@ -155,7 +161,7 @@ MAPOLDACTIONS=No
 
 FASTACCEPT=No
 
-IMPLICIT_CONTINUE=Yes
+IMPLICIT_CONTINUE=No
 
 HIGH_ROUTE_MARKS=No
 
@@ -209,9 +215,8 @@ FORWARD_CLEAR_MARK=Yes
 
 BLACKLIST_DISPOSITION=DROP
 
-MACLIST_DISPOSITION=DROP
+MACLIST_DISPOSITION=REJECT
 
 TCP_FLAGS_DISPOSITION=DROP
 
 #LAST LINE -- DO NOT REMOVE
-