X-Git-Url: http://git.onelab.eu/?p=iptables.git;a=blobdiff_plain;f=iptables-config;h=d2ceb57402d06a6f8f5e40985e155b1824e3cecc;hp=c7d81cf5a5f9f25f683c991a3a3cf7899a187697;hb=HEAD;hpb=0aab852e51b9511a1abe6a8970a2e26620bc079b diff --git a/iptables-config b/iptables-config index c7d81cf..d2ceb57 100644 --- a/iptables-config +++ b/iptables-config @@ -2,36 +2,47 @@ # Default: -none- # Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'), which # are loaded after the firewall rules are applied. Options for the helpers are -# stored in /etc/modules.conf. -IPTABLES_MODULES="ip_conntrack vnet_tun" +# stored in /etc/modprobe.conf. +IPTABLES_MODULES="ip_conntrack" # Unload modules on restart and stop # Value: yes|no, default: yes # This option has to be 'yes' to get to a sane state for a firewall # restart or stop. Only set to 'no' if there are problems unloading netfilter # modules. -#IPTABLES_MODULES_UNLOAD="yes" +IPTABLES_MODULES_UNLOAD="yes" # Save current firewall rules on stop. # Value: yes|no, default: no # Saves all firewall rules to /etc/sysconfig/iptables if firewall gets stopped # (e.g. on system shutdown). -#IPTABLES_SAVE_ON_STOP="no" +IPTABLES_SAVE_ON_STOP="no" # Save current firewall rules on restart. # Value: yes|no, default: no # Saves all firewall rules to /etc/sysconfig/iptables if firewall gets # restarted. -#IPTABLES_SAVE_ON_RESTART="no" +IPTABLES_SAVE_ON_RESTART="no" # Save (and restore) rule and chain counter. # Value: yes|no, default: no # Save counters for rules and chains to /etc/sysconfig/iptables if # 'service iptables save' is called or on stop or restart if SAVE_ON_STOP or # SAVE_ON_RESTART is enabled. -#IPTABLES_SAVE_COUNTER="no" +IPTABLES_SAVE_COUNTER="no" # Numeric status output -# Value: yes|no, default: no +# Value: yes|no, default: yes # Print IP addresses and port numbers in numeric format in the status output. -#IPTABLES_STATUS_NUMERIC="no" +IPTABLES_STATUS_NUMERIC="no" + +# Verbose status output +# Value: yes|no, default: yes +# Print info about the number of packets and bytes plus the "input-" and +# "outputdevice" in the status output. +IPTABLES_STATUS_VERBOSE="yes" + +# Status output with numbered lines +# Value: yes|no, default: yes +# Print a counter/number for every rule in the status output. +IPTABLES_STATUS_LINENUMBERS="yes"