]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blobdiff - config/ipac-ng/rules.conf
projects / people / pmueller / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
git-svn-id: http://svn.ipfire.org/svn/ipfire/IPFire/source@16 ea5c0bd1-69bd-2848...
[people/pmueller/ipfire-2.x.git] / config / ipac-ng / rules.conf
diff --git a/config/ipac-ng/rules.conf b/config/ipac-ng/rules.conf
new file mode 100644 (file)
index 0000000..e5f8238
--- /dev/null
+++ b/config/ipac-ng/rules.conf
@@ -0,0 +1,36 @@
+# Example config file with accounting rules
+# Install as /etc/ipac-ng/rules.conf.iptables
+#
+# Format:
+# Name of rule|direction|interface|protocol|source|destination
+# WARNING!!!! spaces are not allowed before and after '|'.
+#
+# where
+# Name of rule         Any string to identify this rule
+# direction            ipac~fi  - forward in
+#                      ipac~fo  - forward out
+#                      ipac~i   - outgoing from machine with ipac-ng to other host(/net)
+#                                      (or incoming to otherhost)
+#                      ipac~o   - incoming to machine with ipac-ng
+#                                      (or outgoing from otherhost)
+#
+# interface            interface name, '+' means all interfaces (dont try to use ip numbers here!)
+# protocol             tcp | udp | icmp | all
+# source               \
+# destination          both as described in ipfwadm(8), or empty
+#
+# incoming:
+
+# lets demonstrate this by following rules.
+# Example 1:
+# there are some hosts in out net 192.168.0.0/24
+# our ipac-ng host has two interfaces - eth0 connected to local net
+#                                  and eth1 to internet
+Incoming GREEN|ipac~i|eth0|all|||
+Outgoing GREEN|ipac~o|eth0|all|||
+
+Incoming RED (PPP)|ipac~i|ppp0|all|||
+Outgoing RED (PPP)|ipac~o|ppp0|all|||
+
+Incoming RED (ISDN PPP)|ipac~i|ippp0|all|||
+Outgoing RED (ISDN PPP)|ipac~o|ippp0|all|||
Peter's tree of IPFire 2.x