From ff80e790b3e1cbade0f9d827901fad54e43e0433 Mon Sep 17 00:00:00 2001 From: Sean Crites Date: Tue, 14 Apr 2020 22:00:25 -0800 Subject: [PATCH 01/12] Updating hash:ip to hash:net --- src/firewall.d/ipsets-example | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/firewall.d/ipsets-example b/src/firewall.d/ipsets-example index 52f924c..242aa90 100644 --- a/src/firewall.d/ipsets-example +++ b/src/firewall.d/ipsets-example @@ -19,8 +19,8 @@ # # ###################### -create PRIVATE4 hash:ip family inet hashsize 1024 comment -create PRIVATE6 hash:ip family inet6 hashsize 1024 comment +create PRIVATE4 hash:net family inet hashsize 1024 comment +create PRIVATE6 hash:net family inet6 hashsize 1024 comment create PRIVATE list:set add PRIVATE PRIVATE4 add PRIVATE PRIVATE6 From 068027c4493b3faf50e8a91217a05ca2c1708ae9 Mon Sep 17 00:00:00 2001 From: Sean Crites Date: Tue, 14 Apr 2020 22:01:59 -0800 Subject: [PATCH 02/12] Updating to include comment before comment --- src/firewall.d/ipsets-example | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/firewall.d/ipsets-example b/src/firewall.d/ipsets-example index 242aa90..6444e8a 100644 --- a/src/firewall.d/ipsets-example +++ b/src/firewall.d/ipsets-example @@ -24,11 +24,11 @@ create PRIVATE6 hash:net family inet6 hashsize 1024 comment create PRIVATE list:set add PRIVATE PRIVATE4 add PRIVATE PRIVATE6 -add PRIVATE4 10.0.0.0/8 "rfc1918" -add PRIVATE4 172.16.0.0/12 "rfc1918" -add PRIVATE4 192.168.0.0/1 "rfc1918" -add PRIVATE6 fc00::/7 "rfc4193" -add PRIVATE6 fe80::/10 "rfc4291"" +add PRIVATE4 10.0.0.0/8 comment "rfc1918" +add PRIVATE4 172.16.0.0/12 comment "rfc1918" +add PRIVATE4 192.168.0.0/1 comment "rfc1918" +add PRIVATE6 fc00::/7 comment "rfc4193" +add PRIVATE6 fe80::/10 comment "rfc4291"" # end of rules From d577212d8f7e415b6f93aa5c3f1937bf035adf4c Mon Sep 17 00:00:00 2001 From: Sean Crites Date: Tue, 14 Apr 2020 22:02:48 -0800 Subject: [PATCH 03/12] Typo - Removing extra quote --- src/firewall.d/ipsets-example | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/firewall.d/ipsets-example b/src/firewall.d/ipsets-example index 6444e8a..4d02645 100644 --- a/src/firewall.d/ipsets-example +++ b/src/firewall.d/ipsets-example @@ -28,7 +28,7 @@ add PRIVATE4 10.0.0.0/8 comment "rfc1918" add PRIVATE4 172.16.0.0/12 comment "rfc1918" add PRIVATE4 192.168.0.0/1 comment "rfc1918" add PRIVATE6 fc00::/7 comment "rfc4193" -add PRIVATE6 fe80::/10 comment "rfc4291"" +add PRIVATE6 fe80::/10 comment "rfc4291" # end of rules From def8af00ca010052c54ba38ee2fe53dee4c86e49 Mon Sep 17 00:00:00 2001 From: Sean Crites Date: Tue, 14 Apr 2020 22:05:21 -0800 Subject: [PATCH 04/12] Updating format. --- src/firewall.d/ipsets-example | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/src/firewall.d/ipsets-example b/src/firewall.d/ipsets-example index 4d02645..7dbc12b 100644 --- a/src/firewall.d/ipsets-example +++ b/src/firewall.d/ipsets-example @@ -19,16 +19,16 @@ # # ###################### -create PRIVATE4 hash:net family inet hashsize 1024 comment -create PRIVATE6 hash:net family inet6 hashsize 1024 comment -create PRIVATE list:set -add PRIVATE PRIVATE4 -add PRIVATE PRIVATE6 -add PRIVATE4 10.0.0.0/8 comment "rfc1918" -add PRIVATE4 172.16.0.0/12 comment "rfc1918" -add PRIVATE4 192.168.0.0/1 comment "rfc1918" -add PRIVATE6 fc00::/7 comment "rfc4193" -add PRIVATE6 fe80::/10 comment "rfc4291" +create PRIVATE4 hash:net family inet hashsize 1024 comment +create PRIVATE6 hash:net family inet6 hashsize 1024 comment +create PRIVATE list:set +add PRIVATE PRIVATE4 +add PRIVATE PRIVATE6 +add PRIVATE4 10.0.0.0/8 comment "rfc1918" +add PRIVATE4 172.16.0.0/12 comment "rfc1918" +add PRIVATE4 192.168.0.0/1 comment "rfc1918" +add PRIVATE6 fc00::/7 comment "rfc4193" +add PRIVATE6 fe80::/10 comment "rfc4291" # end of rules From 827e00f27cad39075f0415e99112bb0ba1ad95fb Mon Sep 17 00:00:00 2001 From: Sean Crites Date: Tue, 14 Apr 2020 22:09:06 -0800 Subject: [PATCH 05/12] Updating comment/header. --- src/firewall.d/ipsets-example | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/firewall.d/ipsets-example b/src/firewall.d/ipsets-example index 7dbc12b..19c1c1f 100644 --- a/src/firewall.d/ipsets-example +++ b/src/firewall.d/ipsets-example @@ -1,15 +1,15 @@ -# /etc/rc.d/rc.firewall.rules +# /etc/firewall.d/rules # -# Host Specific IP Sets for Slackware Server +# Host specific IP Sets for local server # # THIS FILE IS INTENDED TO CONTAIN FIREWALL RULES SPECIFIC TO AN INDIVIDUAL # SERVER. # # USE ONE OF THE FOLLOWING FILES FOR GLOBAL RULES: -# /etc/rc.d/rc.firewall.global -# /etc/rc.d/rc.firewall.global4 -# /etc/rc.d/rc.firewall.global6 -# /etc/rc.d/rc.firewall.globalsets +# /etc/firewall.d/global.d/ipsets +# /etc/firewall.d/global.d/rules +# /etc/firewall.d/global.d/rules4 +# /etc/firewall.d/global.d/rules6 # From 451ca108c3e72846690c3cdd0f40018102292e41 Mon Sep 17 00:00:00 2001 From: Sean Crites Date: Tue, 14 Apr 2020 22:12:45 -0800 Subject: [PATCH 06/12] Updating comment/header. --- src/firewall.d/rules4-example | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/firewall.d/rules4-example b/src/firewall.d/rules4-example index dc04c7c..bd27e60 100644 --- a/src/firewall.d/rules4-example +++ b/src/firewall.d/rules4-example @@ -1,17 +1,18 @@ -# /etc/rc.d/rc.firewall.rules4 -# -# Host Specific IPv4 Firewall Rules for Slackware Server +# /etc/firewall.d/rules4 +# +# Host specific IP Sets for local server # # THIS FILE IS INTENDED TO CONTAIN FIREWALL RULES SPECIFIC TO AN INDIVIDUAL # SERVER. # # USE ONE OF THE FOLLOWING FILES FOR GLOBAL RULES: -# /etc/rc.d/rc.firewall.global -# /etc/rc.d/rc.firewall.global4 -# /etc/rc.d/rc.firewall.global6 -# /etc/rc.d/rc.firewall.globalsets +# /etc/firewall.d/global.d/ipsets +# /etc/firewall.d/global.d/rules +# /etc/firewall.d/global.d/rules4 +# /etc/firewall.d/global.d/rules6 # + ######################### # # # FILTER Table (IPv4) # From 25eeb19d5acb1c03882bd6d7fb6b06556989f5dc Mon Sep 17 00:00:00 2001 From: Sean Crites Date: Tue, 14 Apr 2020 22:14:39 -0800 Subject: [PATCH 07/12] Updating comment/heder. --- src/firewall.d/rules6-example | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/firewall.d/rules6-example b/src/firewall.d/rules6-example index f70a704..e90ee00 100644 --- a/src/firewall.d/rules6-example +++ b/src/firewall.d/rules6-example @@ -1,17 +1,18 @@ -# /etc/rc.d/rc.firewall.rules6 -# -# Host Specific IPv6 Firewall Rules for Slackware Server +# /etc/firewall.d/rules6 +# +# Host specific IP Sets for local server # # THIS FILE IS INTENDED TO CONTAIN FIREWALL RULES SPECIFIC TO AN INDIVIDUAL # SERVER. # # USE ONE OF THE FOLLOWING FILES FOR GLOBAL RULES: -# /etc/rc.d/rc.firewall.global -# /etc/rc.d/rc.firewall.global4 -# /etc/rc.d/rc.firewall.global6 -# /etc/rc.d/rc.firewall.globalsets +# /etc/firewall.d/global.d/ipsets +# /etc/firewall.d/global.d/rules +# /etc/firewall.d/global.d/rules4 +# /etc/firewall.d/global.d/rules6 # + ######################### # # # FILTER Table (IPv6) # From c1b57f12e37cc8888f61be9c6e15bf5c1e4fa587 Mon Sep 17 00:00:00 2001 From: Sean Crites Date: Tue, 14 Apr 2020 22:15:48 -0800 Subject: [PATCH 08/12] Updating comment/header. --- src/firewall.d/rules-example | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/firewall.d/rules-example b/src/firewall.d/rules-example index 5a9e8df..849cb7b 100644 --- a/src/firewall.d/rules-example +++ b/src/firewall.d/rules-example @@ -1,15 +1,15 @@ # /etc/rc.d/rc.firewall.rules -# -# Host Specific IPv4/IPv6 Firewall Rules for Slackware Server +# +# Host specific IP Sets for local server # # THIS FILE IS INTENDED TO CONTAIN FIREWALL RULES SPECIFIC TO AN INDIVIDUAL # SERVER. # # USE ONE OF THE FOLLOWING FILES FOR GLOBAL RULES: -# /etc/rc.d/rc.firewall.global -# /etc/rc.d/rc.firewall.global4 -# /etc/rc.d/rc.firewall.global6 -# /etc/rc.d/rc.firewall.globalsets +# /etc/firewall.d/global.d/ipsets +# /etc/firewall.d/global.d/rules +# /etc/firewall.d/global.d/rules4 +# /etc/firewall.d/global.d/rules6 # From dcc189576522cdfb481c4f3633781d709498e24c Mon Sep 17 00:00:00 2001 From: Sean Crites Date: Tue, 14 Apr 2020 22:25:28 -0800 Subject: [PATCH 09/12] Updating comment/header. --- src/firewall.d/global.d/ipsets-example | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/firewall.d/global.d/ipsets-example b/src/firewall.d/global.d/ipsets-example index 0e2bf0a..ed91ce2 100644 --- a/src/firewall.d/global.d/ipsets-example +++ b/src/firewall.d/global.d/ipsets-example @@ -1,18 +1,19 @@ -# /etc/rc.d/rc.firewall.global -# -# Global Organization IP Sets for Slackware Servers +# /etc/firewall.d/global.d/ipsets +# +# Global Organization IP Sets # # THIS FILE IS INTENDED TO CONTAIN FIREWALL RULES PUSHED OUT FROM A # CENTRALIZED LOCATION IN ORDER TO ALLOW AN ORGANIZATION TO CREATE GLOBAL # FIREWALL RULES ACROSS ALL SYSTEMS. # # PLACE HOST SPECIFIC RULES IN ONE OF THE FOLLOWING FILES: -# /etc/rc.d/rc.firewall.ipsets -# /etc/rc.d/rc.firewall.rules -# /etc/rc.d/rc.firewall.rules4 -# /etc/rc.d/rc.firewall.rules6 +# /etc/firewall.d/ipsets +# /etc/firewall.d/rules +# /etc/firewall.d/rules4 +# /etc/firewall.d/rules6 # + ####################### # # # Standard Services # From 5a6bed405224867509afbffcd0431d025059f673 Mon Sep 17 00:00:00 2001 From: Sean Crites Date: Tue, 14 Apr 2020 22:26:26 -0800 Subject: [PATCH 10/12] Updating comment/header. --- src/firewall.d/global.d/rules4-example | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/firewall.d/global.d/rules4-example b/src/firewall.d/global.d/rules4-example index ddbd774..1ed56c4 100644 --- a/src/firewall.d/global.d/rules4-example +++ b/src/firewall.d/global.d/rules4-example @@ -1,18 +1,19 @@ -# /etc/rc.d/rc.firewall.global4 -# -# Global Organization IPv4 Firewall Rules for Slackware Servers +# /etc/firewall.d/global.d/ipsets +# +# Global Organization IP Sets # # THIS FILE IS INTENDED TO CONTAIN FIREWALL RULES PUSHED OUT FROM A # CENTRALIZED LOCATION IN ORDER TO ALLOW AN ORGANIZATION TO CREATE GLOBAL # FIREWALL RULES ACROSS ALL SYSTEMS. # # PLACE HOST SPECIFIC RULES IN ONE OF THE FOLLOWING FILES: -# /etc/rc.d/rc.firewall.ipsets -# /etc/rc.d/rc.firewall.rules -# /etc/rc.d/rc.firewall.rules4 -# /etc/rc.d/rc.firewall.rules6 +# /etc/firewall.d/ipsets +# /etc/firewall.d/rules +# /etc/firewall.d/rules4 +# /etc/firewall.d/rules6 # + ######################### # # # FILTER Table (IPv4) # From 467281d73243ac00c327fb6fc5979c0423c1d814 Mon Sep 17 00:00:00 2001 From: Sean Crites Date: Tue, 14 Apr 2020 22:27:45 -0800 Subject: [PATCH 11/12] Updating comment/header. --- src/firewall.d/global.d/rules6-example | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/firewall.d/global.d/rules6-example b/src/firewall.d/global.d/rules6-example index 5876a54..b7b56c7 100644 --- a/src/firewall.d/global.d/rules6-example +++ b/src/firewall.d/global.d/rules6-example @@ -1,16 +1,16 @@ -# /etc/rc.d/rc.firewall.global6 -# -# Global Organization IPv6 Firewall Rules for Slackware Servers +# /etc/firewall.d/global.d/rules6 +# +# Global Organization IP Sets # # THIS FILE IS INTENDED TO CONTAIN FIREWALL RULES PUSHED OUT FROM A # CENTRALIZED LOCATION IN ORDER TO ALLOW AN ORGANIZATION TO CREATE GLOBAL # FIREWALL RULES ACROSS ALL SYSTEMS. # # PLACE HOST SPECIFIC RULES IN ONE OF THE FOLLOWING FILES: -# /etc/rc.d/rc.firewall.ipsets -# /etc/rc.d/rc.firewall.rules -# /etc/rc.d/rc.firewall.rules4 -# /etc/rc.d/rc.firewall.rules6 +# /etc/firewall.d/ipsets +# /etc/firewall.d/rules +# /etc/firewall.d/rules4 +# /etc/firewall.d/rules6 # From 0c0882e85114dc937cacb69e5c83e9a00adf4803 Mon Sep 17 00:00:00 2001 From: Sean Crites Date: Tue, 14 Apr 2020 22:29:52 -0800 Subject: [PATCH 12/12] Updating comment/header. --- src/firewall.d/global.d/rules-example | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/firewall.d/global.d/rules-example b/src/firewall.d/global.d/rules-example index 74e061b..269352d 100644 --- a/src/firewall.d/global.d/rules-example +++ b/src/firewall.d/global.d/rules-example @@ -1,16 +1,16 @@ -# /etc/rc.d/rc.firewall.global -# -# Global Organization IPv4/IPv6 Firewall Rules for Slackware Servers +# /etc/firewall.d/global.d/rules +# +# Global Organization IP Sets # # THIS FILE IS INTENDED TO CONTAIN FIREWALL RULES PUSHED OUT FROM A # CENTRALIZED LOCATION IN ORDER TO ALLOW AN ORGANIZATION TO CREATE GLOBAL # FIREWALL RULES ACROSS ALL SYSTEMS. # # PLACE HOST SPECIFIC RULES IN ONE OF THE FOLLOWING FILES: -# /etc/rc.d/rc.firewall.ipsets -# /etc/rc.d/rc.firewall.rules -# /etc/rc.d/rc.firewall.rules4 -# /etc/rc.d/rc.firewall.rules6 +# /etc/firewall.d/ipsets +# /etc/firewall.d/rules +# /etc/firewall.d/rules4 +# /etc/firewall.d/rules6 #