Firewall-SOSDG/options.default

# Comment out the following to disable features
IPTABLES=/sbin/iptables
IP6TABLES=/sbin/ip6tables

NAT=1
CONNTRACK=1
FORWARD=1
BLOCKINCOMING=1
#CLAMPMSS=ppp0


#IPV6
IPV6=1
#IPV6FORWARD=1
IPV6BLOCKINCOMING=1
#IPV6ROUTEDCLIENTBLOCK=1
#IPV6INT=he-ipv6

#================
TCPPORTS="20 21 22 53 80 113 123 443"
UDPPORTS="53"
TRUSTEDIP="127.0.0.1"
DONTTRACK="127.0.0.1"
FORWARDRANGE="192.168.1.0/24"
NATRANGE="192.168.1.0/24"
NATEXTIP="172.16.1.1"
NATEXTIF="eth0"
ALLOWEDPROTO="41 47 50 51"
#================
IPV6TRUSTED="::1"
IPV6TCP=$TCPPORTS
IPV6UDP=$UDPPORTS
#IPV6FORWARDRANGE=""
Initial commit. 2009-08-13 13:53:20 -06:00			`# Comment out the following to disable features`
			`IPTABLES=/sbin/iptables`
			`IP6TABLES=/sbin/ip6tables`

			`NAT=1`
			`CONNTRACK=1`
			`FORWARD=1`
			`BLOCKINCOMING=1`
			`#CLAMPMSS=ppp0`


			`#IPV6`
			`IPV6=1`
			`#IPV6FORWARD=1`
			`IPV6BLOCKINCOMING=1`
			`#IPV6ROUTEDCLIENTBLOCK=1`
			`#IPV6INT=he-ipv6`

			`#================`
			`TCPPORTS="20 21 22 53 80 113 123 443"`
			`UDPPORTS="53"`
			`TRUSTEDIP="127.0.0.1"`
			`DONTTRACK="127.0.0.1"`
			`FORWARDRANGE="192.168.1.0/24"`
			`NATRANGE="192.168.1.0/24"`
			`NATEXTIP="172.16.1.1"`
			`NATEXTIF="eth0"`
			`ALLOWEDPROTO="41 47 50 51"`
			`#================`
			`IPV6TRUSTED="::1"`
			`IPV6TCP=$TCPPORTS`
			`IPV6UDP=$UDPPORTS`
			`#IPV6FORWARDRANGE=""`