default von http://www.shorewall.net/3.0/XenMyWay.html

git-svn-id: https://svn/ipuppet/trunk/modules/shorewall@105 d66ca3ae-40d7-4aa7-90d4-87d79ca94279
author: am <am@d66ca3ae-40d7-4aa7-90d4-87d79ca94279> 2007-11-16 18:15:15 +0000
committer: am <am@d66ca3ae-40d7-4aa7-90d4-87d79ca94279> 2007-11-16 18:15:15 +0000
commit: 60c4b5fae0491579c6ddee378cfe22ea33f6b5d5 (patch)
tree: c66a5907ceb05c94ba6d523cc301dd53f463c982 /files
parent: a33d5afb97ebc43ae0af9096bc9f11c4b34878a6 (diff)
1 files changed, 12 insertions, 12 deletions
diff --git a/files/shorewall.conf.Gentoo. b/files/shorewall.conf.Gentoo.
index e5c722d..88bfbcf 100644
--- a/files/shorewall.conf.Gentoo.
+++ b/files/shorewall.conf.Gentoo.
@@ -105,9 +105,9 @@ RCP_COMMAND='scp ${files} ${root}@${system}:${destination}'
 #			F I R E W A L L	  O P T I O N S
 ###############################################################################
 
-IP_FORWARDING=Keep
+IP_FORWARDING=On
 
-ADD_IP_ALIASES=Yes
+ADD_IP_ALIASES=No
 
 ADD_SNAT_ALIASES=No
 
@@ -119,13 +119,13 @@ TC_EXPERT=No
 
 CLEAR_TC=Yes
 
-MARK_IN_FORWARD_CHAIN=No
+MARK_IN_FORWARD_CHAIN=Yes
 
-CLAMPMSS=No
+CLAMPMSS=Yes
 
-ROUTE_FILTER=Yes
+ROUTE_FILTER=No
 
-DETECT_DNAT_IPADDRS=No
+DETECT_DNAT_IPADDRS=Yes
 
 MUTEX_TIMEOUT=60
 
@@ -143,19 +143,19 @@ BRIDGING=No
 
 DYNAMIC_ZONES=No
 
-PKTTYPE=Yes
+PKTTYPE=No
 
-RFC1918_STRICT=No
+RFC1918_STRICT=Yes
 
-MACLIST_TABLE=filter
+MACLIST_TABLE=mangle
 
-MACLIST_TTL=
+MACLIST_TTL=60
 
 SAVE_IPSETS=No
 
 MAPOLDACTIONS=No
 
-FASTACCEPT=No
+FASTACCEPT=Yes
 
 IMPLICIT_CONTINUE=Yes
 
@@ -173,7 +173,7 @@ EXPORTPARAMS=Yes
 
 BLACKLIST_DISPOSITION=DROP
 
-MACLIST_DISPOSITION=REJECT
+MACLIST_DISPOSITION=DROP
 
 TCP_FLAGS_DISPOSITION=DROP
author	am <am@d66ca3ae-40d7-4aa7-90d4-87d79ca94279>	2007-11-16 18:15:15 +0000
committer	am <am@d66ca3ae-40d7-4aa7-90d4-87d79ca94279>	2007-11-16 18:15:15 +0000
commit	60c4b5fae0491579c6ddee378cfe22ea33f6b5d5 (patch)
tree	c66a5907ceb05c94ba6d523cc301dd53f463c982 /files
parent	a33d5afb97ebc43ae0af9096bc9f11c4b34878a6 (diff)