Commit | Line | Data |
---|---|---|
c1400087 MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2012 IPFire Network Development Team # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
# Directory in which the iptables ruleset is generated. Empty by default.
# NOTE(review): nothing here shows where this gets filled in; whichever code
# sets it should create the directory with `mktemp -d` (unpredictable name,
# owner-only access) -- confirm at the call site.
IPTABLES_TMPDIR=""

# Locations of the firewall configuration.
FIREWALL_CONFIG_DIR="/etc/firewall"
FIREWALL_ZONES_DIR="$FIREWALL_CONFIG_DIR/zones"
FIREWALL_CONFIG_FILE="$FIREWALL_CONFIG_DIR/config"
FIREWALL_CONFIG_RULES="$FIREWALL_CONFIG_DIR/rules"

# Space-separated list of macro directories: the local configuration
# directory first, then the system-wide one.
FIREWALL_MACROS_DIRS="$FIREWALL_CONFIG_DIR/macros /usr/share/firewall/macros"

# Names of the settings that are saved in the configuration file.
# Every tunable below appends its own name to this list.
FIREWALL_CONFIG_PARAMS=""

# Arguments that are valid in the rules file.
# NOTE(review): presumably used as an allow-list when rules are parsed;
# verify that unknown keys are rejected rather than silently ignored.
FIREWALL_RULES_CONFIG_PARAMS="src dst proto action sport dport in out"

# Default logging method (nflog or syslog).
FIREWALL_LOG_METHOD="nflog"
FIREWALL_CONFIG_PARAMS+=" FIREWALL_LOG_METHOD"

# Default threshold for the nflog method.
FIREWALL_NFLOG_THRESHOLD=30
FIREWALL_CONFIG_PARAMS+=" FIREWALL_NFLOG_THRESHOLD"

# MSS clamping, a workaround for ISPs which filter ICMP packets.
# Disabled by default.
FIREWALL_CLAMP_PATH_MTU="false"
FIREWALL_CONFIG_PARAMS+=" FIREWALL_CLAMP_PATH_MTU"

# Protocols the firewall supports, and the subset that supports ports.
FIREWALL_SUPPORTED_PROTOCOLS="tcp udp icmp igmp esp ah gre"
FIREWALL_PROTOCOLS_SUPPORTING_PORTS="tcp udp"

# Settings available per firewall zone.
FIREWALL_ZONE_SETTINGS="FRIEND_ZONES MASQUERADE4"

# Default values of the zone settings.
FIREWALL_ZONE_SETTINGS_MASQUERADE4="false"