From 60c4b5fae0491579c6ddee378cfe22ea33f6b5d5 Mon Sep 17 00:00:00 2001
From: am <am@d66ca3ae-40d7-4aa7-90d4-87d79ca94279>
Date: Fri, 16 Nov 2007 18:15:15 +0000
Subject: default von http://www.shorewall.net/3.0/XenMyWay.html

git-svn-id: https://svn/ipuppet/trunk/modules/shorewall@105 d66ca3ae-40d7-4aa7-90d4-87d79ca94279
---
 files/shorewall.conf.Gentoo. | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

(limited to 'files/shorewall.conf.Gentoo.')

diff --git a/files/shorewall.conf.Gentoo. b/files/shorewall.conf.Gentoo.
index e5c722d..88bfbcf 100644
--- a/files/shorewall.conf.Gentoo.
+++ b/files/shorewall.conf.Gentoo.
@@ -105,9 +105,9 @@ RCP_COMMAND='scp ${files} ${root}@${system}:${destination}'
 #			F I R E W A L L	  O P T I O N S
 ###############################################################################
 
-IP_FORWARDING=Keep
+IP_FORWARDING=On
 
-ADD_IP_ALIASES=Yes
+ADD_IP_ALIASES=No
 
 ADD_SNAT_ALIASES=No
 
@@ -119,13 +119,13 @@ TC_EXPERT=No
 
 CLEAR_TC=Yes
 
-MARK_IN_FORWARD_CHAIN=No
+MARK_IN_FORWARD_CHAIN=Yes
 
-CLAMPMSS=No
+CLAMPMSS=Yes
 
-ROUTE_FILTER=Yes
+ROUTE_FILTER=No
 
-DETECT_DNAT_IPADDRS=No
+DETECT_DNAT_IPADDRS=Yes
 
 MUTEX_TIMEOUT=60
 
@@ -143,19 +143,19 @@ BRIDGING=No
 
 DYNAMIC_ZONES=No
 
-PKTTYPE=Yes
+PKTTYPE=No
 
-RFC1918_STRICT=No
+RFC1918_STRICT=Yes
 
-MACLIST_TABLE=filter
+MACLIST_TABLE=mangle
 
-MACLIST_TTL=
+MACLIST_TTL=60
 
 SAVE_IPSETS=No
 
 MAPOLDACTIONS=No
 
-FASTACCEPT=No
+FASTACCEPT=Yes
 
 IMPLICIT_CONTINUE=Yes
 
@@ -173,7 +173,7 @@ EXPORTPARAMS=Yes
 
 BLACKLIST_DISPOSITION=DROP
 
-MACLIST_DISPOSITION=REJECT
+MACLIST_DISPOSITION=DROP
 
 TCP_FLAGS_DISPOSITION=DROP
 
-- 
cgit v1.2.3