Bright:Shorewall interfaces
All rules in Shorewall are based on zones. Each interface on the system is assigned to a zone. These files are modified directly by Bright, so any further modifications should be made outside of the marked area.
Zones
The zones file defines the zones that the rules can be applied to. Essentially they are groups for interfaces. By default there are three zones:
net: external networks
nat: internal networks
fw: the firewall itself
#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONS
net ipv4
nat ipv4
fw firewall
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
Interfaces
Each of the interfaces defined in Bright will be added to the file and assigned to a zone. There are a number of options that can be assigned to an interface to determine its behavior. By default it will be 'dhcp'.
# This section of this file was automatically generated by cmd. Do not edit manually!
# BEGIN AUTOGENERATED SECTION -- DO NOT REMOVE
nat eth0 detect dhcp
net eth1 detect dhcp
nat ib0 detect dhcp
nat br0 detect routeback
# END AUTOGENERATED SECTION -- DO NOT REMOVE
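The following is an added example, not part of the original page or of Bright: a small Python lint that separates Bright-managed entries (inside the marked area) from hand-added ones and reports interfaces whose zone is missing from the zones file or that are listed twice. The function names and the sample file contents (including eth2, eth3 and the dmz zone) are constructed for illustration.

```python
BEGIN = "# BEGIN AUTOGENERATED SECTION"
END = "# END AUTOGENERATED SECTION"

# Constructed sample input modelled on the files above; the last two
# interface lines are hand-added outside the marked area.
ZONES = "net ipv4\nnat ipv4\nfw firewall\n"
INTERFACES = """\
# BEGIN AUTOGENERATED SECTION -- DO NOT REMOVE
nat eth0 detect dhcp
net eth1 detect dhcp
# END AUTOGENERATED SECTION -- DO NOT REMOVE
nat eth2 detect dhcp
dmz eth3 detect
"""

def fields_of(line):
    """Split a config line into columns, dropping comments and ?directives."""
    if line.lstrip().startswith("?"):
        return []
    return line.split("#", 1)[0].split()

def parse_zones(text):
    """Return the set of zone names declared in a zones file."""
    return {f[0] for f in map(fields_of, text.splitlines()) if len(f) >= 2}

def parse_interfaces(text):
    """Return (zone, interface, managed) tuples; managed means inside the markers."""
    entries, managed = [], False
    for line in text.splitlines():
        if line.startswith(BEGIN):
            managed = True
        elif line.startswith(END):
            managed = False
        f = fields_of(line)
        if len(f) >= 2:
            entries.append((f[0], f[1], managed))
    return entries

def lint(zones_text, interfaces_text):
    """Return findings for undeclared zones and duplicate interfaces."""
    zones, seen, findings = parse_zones(zones_text), set(), []
    for zone, iface, managed in parse_interfaces(interfaces_text):
        where = "managed" if managed else "manual"
        if zone != "-" and zone not in zones:  # "-" means no single zone
            findings.append(f"{iface} ({where}): zone '{zone}' not declared in zones")
        if iface in seen:
            findings.append(f"{iface} ({where}): interface listed more than once")
        seen.add(iface)
    return findings

if __name__ == "__main__":
    print("\n".join(lint(ZONES, INTERFACES)) or "no findings")
```

A finding tagged "manual" points at a line added by hand; one tagged "managed" points at the section Bright regenerates, so the fix belongs in Bright's own interface definitions rather than in the file.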