params
用來定義在 configure file 可用到的變數
/etc/shorewall/params:
NET_IF=eth0 ADMIN_IP= 192.168.123.10, 192.168.123.200
rules
- requests and responses are automatically allowed using connection tracking.
- All rules are terminating except LOG and COUNT rules.
COMMENT Allow SSH from admin SSH(ACCEPT) net:$ADMIN_IP $FW COMMENT
Shorewall show
/* Allow SSH from home */
以上的 rule 相當於: