Rechercher une page de manuel
shorewall6-notrack
Langue: en
Version: 05/13/2009 (debian - 07/07/09)
Section: 5 (Format de fichier)
NAME
notrack - shorewall6 notrack fileSYNOPSIS
- /etc/shorewall6/notrack
DESCRIPTION
- The notrack file is used to exempt certain traffic from Netfilter connection tracking. Traffic matching entries in this fill will not be tracked.
The file was added in shorewall6-perl 4.2.7 and is not supported by shorewall6-shell or by earlier versions of shorewall6-perl.
The columns in the file are as follows.
SOURCE - {zone[:interface][:address-list]|COMMENT}
- where zone is the name of a zone, interface is an interface to that zone, and address-list is a comma-separated list of addresses (may contain exclusion - see shorewall6-exclusion[1] (5)).
Comments may be attached to Netfilter rules generated from entries in this file through the use of COMMENT lines. These lines begin with the word COMMENT; the remainder of the line is treated as a comment which is attached to subsequent rules until another COMMENT line is found or until the end of the file is reached. To stop adding comments to rules, use a line with only the word COMMENT.
DEST - [address-list]
- where address-list is a comma-separated list of addresses (may contain exclusion - see shorewall6-exclusion[1] (5)).
PROTO - protocol-name-or-number
- A protocol name from /etc/protocols or a protocol number.
DEST PORT(S) - port-number/service-name-list
- A comma-separated list of port numbers and/or service names from /etc/services. May also include port ranges of the form low-port:high-port if your kernel and iptables include port range support.
SOURCE PORT(S) - port-number/service-name-list
- A comma-separated list of port numbers and/or service names from /etc/services. May also include port ranges of the form low-port:high-port if your kernel and iptables include port range support.
USER/GROUP - [user][:group]
- May only be specified if the SOURCE zone is $FW. Specifies the effective user id and or group id of the process sending the traffic.
FILES
/etc/shorewall6/notrack
SEE ALSO
shorewall6(8), shorewall6-accounting(5), shorewall6-actions(5), shorewall6-blacklist(5), shorewall6-hosts(5), shorewall6-interfaces(5), shorewall6-ipsec(5), shorewall6-params(5), shorewall6-policy(5), shorewall6-providers(5), shorewall6-proxyarp(5), shorewall6-route_rules(5), shorewall6-routestopped(5), shorewall6-rules(5), shorewall6.conf(5), shorewall6-tcclasses(5), shorewall6-tcdevices(5), shorewall6-tcrules(5), shorewall6-tos(5), shorewall6-tunnels(5), shorewall-zones(5)
NOTES
- 1.
- shorewall6-exclusion
- shorewall-exclusion.html
Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre