Репозитории ALT
| S: | 1.22.1-alt4 |
| 5.1: | 1.21.1-alt1 |
| 4.1: | 1.21.1-alt0.M41.1 |
| 4.0: | 1.21.1-alt0.M40.1 |
| 3.0: | 1.19.2-alt2 |
| +backports: | 1.20.1-alt0.M30.1 |
Другие репозитории
| Upstream: | 1.21.1 |
Группа :: Безопасность/Сети
Пакет: fiaif
навигация по пакетам
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: fiaif-1.21.1-alt-autonumbering_note.patch
Скачать
Скачать
Add a note about autonumbering feature
--- ./conf/zone.ext 2008-07-27 16:28:49 +0400
+++ ./conf/zone.ext 2008-07-27 16:28:49 +0400
@@ -36,6 +36,12 @@ DHCP_SERVER=0
## The descriptions of packets coming IN to the interface specifed in DEV and NETWORK to drop|accept|reject
## Use: INPUT[N]="<ACCEPT|REJECT|DROP> <protocol [port[:port][<,port>[:port]]*]> <ip[/mask]=>ip[/mask]>"
+##
+## Note: You may automate rule's numbering by using (ugly) construction INPUT[${#INPUT[@]}]="<rule>"+## This also works for OUTPUT, FORWARD, MARK and SNAT rules.
+## For replacing all numbers with array length following command could be used:
+## $ subst 's!\(INPUT\|OUTPUT\|FORWARD\|SNAT\|MARK\)\[\([0-9]\+\)\]!\1[${#\1[@]}]!g' zone.*+##
INPUT[0]="ACCEPT tcp smtp,www,https,ssh 0.0.0.0/0=>0.0.0.0/0"
INPUT[1]="ACCEPT icmp echo-request 0.0.0.0/0=>0.0.0.0/0"
#INPUT[2]="ACCEPT igmp 0.0.0.0/0=>224.0.0.0/4"
--- ./conf/zone.dmz 2008-07-27 16:28:49 +0400
+++ ./conf/zone.dmz 2008-07-27 16:28:49 +0400
@@ -45,6 +45,12 @@
## The descriptions of packets coming IN to the interface specifed in DEV and NETWORK to drop|accept|reject
## Use: INPUT[N]="<ACCEPT|REJECT|DROP> <protocol [port[:port][<,port>[:port]]*]> <ip[/mask]=>ip[/mask]>"
+##
+## Note: You may automate rule's numbering by using (ugly) construction INPUT[${#INPUT[@]}]="<rule>"+## This also works for OUTPUT, FORWARD, MARK and SNAT rules.
+## For replacing all numbers with array length following command could be used:
+## $ subst 's!\(INPUT\|OUTPUT\|FORWARD\|SNAT\|MARK\)\[\([0-9]\+\)\]!\1[${#\1[@]}]!g' zone.*+##
INPUT[0]="REJECT ALL 0.0.0.0/0=>0.0.0.0/0"
## The descriptions of packets going OUT of the interface specifed in DEV and NETWORK to drop|accept|reject
--- ./conf/zone.int 2008-07-27 16:30:53 +0400
+++ ./conf/zone.int 2008-07-27 16:31:27 +0400
@@ -37,6 +37,12 @@
## The descriptions of packets coming IN to the interface specifed in DEV and NETWORK to drop|accept|return
## Use: INPUT[N]="<ACCEPT|REJECT|DROP> <protocol [port[:port][<,port>[:port]]*]> ip[/mask]=>ip[/mask]"
+##
+## Note: You may automate rule's numbering by using (ugly) construction INPUT[${#INPUT[@]}]="<rule>"+## This also works for OUTPUT, FORWARD, MARK and SNAT rules..
+## For replacing all numbers with array length following command could be used:
+## $ subst 's!\(INPUT\|OUTPUT\|FORWARD\|SNAT\|MARK\)\[\([0-9]\+\)\]!\1[${#\1[@]}]!g' zone.*+##
INPUT[0]="ACCEPT ALL 0.0.0.0/0=>0.0.0.0/0"
## The descriptions of packets going OUT of the interface specifed in DEV and NETWORK to drop|accept|return