| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 |
- ###############################################################################
- # Do not edit the lfirewall.conf directly #
- # Instead copy it first and edit the lfirewall.conf.local #
- # #
- # cp /etc/lfirewall/lfirewall.conf /etc/lfirewall/lfirewall.conf.local #
- ###############################################################################
- # Firewall configuration file
- # Uncomment the services you need there
- #The network interface to use (uncomment and change value if needed)
- #NETWORK_IF=eth0
- #################################
- # Additional network tweaks #
- #################################
- # Set ALLOW_IP_FORWARDING to 1
- # if IP forwarding is needed
- # Set ALLOW_IP_FORWARDING to 0
- # will write 0 into /proc/sys/net/ipv4/ip_forward
- #ALLOW_IP_FORWARDING=0
- # Set NETWORK_PROTECTION to 1
- # to block additional network features from the kernel
- # Set NETWORK_PROTECTION to 0
- # will do nothing
- #NETWORK_PROTECTION=1
- #################################
- # Services that the system will #
- # offer to the network #
- #################################
- # SSH
- SSH_PORT="22"
- TCP_SERVICES="22"
- # Web server
- #TCP_SERVICES="http https $TCP_SERVICES"
- # SAMBA
- #SAMBA_PORTS="137 138 139"
- #TCP_SERVICES="$TCP_SERVICES $SAMBA_PORTS"
- # SAMBA: if you are using Active Directory
- #TCP_SERVICES="$TCP_SERVICES 445"
- #TCP_SERVICES=$TCP_SERVICES" 10021 10023:10999" # vsFTP
- UDP_SERVICES=""
- #################################
- # Services the system will use #
- # from the network #
- #################################
- # These services will not be accessible from the current
- # server until they are allowed
- REMOTE_TCP_SERVICES="80 443" # Web browsing
- REMOTE_TCP_SERVICES="22 $REMOTE_TCP_SERVICES" # SSH
- REMOTE_TCP_SERVICES="20 $REMOTE_TCP_SERVICES" # FTP
- REMOTE_TCP_SERVICES="$REMOTE_TCP_SERVICES $SAMBA_PORTS"
- REMOTE_UDP_SERVICES="53" # DNS
|
