1SHOREWALL6-NOTRACK(5)           [FIXME: manual]          SHOREWALL6-NOTRACK(5)
2
3
4

NAME

6       notrack - shorewall6 notrack file
7

SYNOPSIS

9       /etc/shorewall6/notrack
10

DESCRIPTION

12       The notrack file is used to exempt certain traffic from Netfilter
13       connection tracking. Traffic matching entries in this file will not be
14       tracked.
15
16       The columns in the file are as follows.
17
18       SOURCE – zone[:interface][:address-list]
19           where zone is the name of a zone, interface is an interface to that
20           zone, and address-list is a comma-separated list of addresses (may
21           contain exclusion - see shorewall6-exclusion[1] (5)).
22
23       DEST – [interface|address-list]
24           where address-list is a comma-separated list of addresses (may
25           contain exclusion - see shorewall6-exclusion[1] (5)). If an
26           interface is given:
27
28           ·   It must be up and configured with an IPv6 address when
29               Shorewall is started or restarted.
30
31           ·   All routes out of the interface must be configured when
32               Shorewall is started or restarted.
33
34           ·   Default routes out of the interface will result in a warning
35               message and will be ignored.
36
37       PROTO – protocol-name-or-number
38           A protocol name from /etc/protocols or a protocol number.
39
40       DEST PORT(S) - port-number/service-name-list
41           A comma-separated list of port numbers and/or service names from
42           /etc/services. May also include port ranges of the form
43           low-port:high-port if your kernel and iptables include port range
44           support.
45
46       SOURCE PORT(S) - port-number/service-name-list
47           A comma-separated list of port numbers and/or service names from
48           /etc/services. May also include port ranges of the form
49           low-port:high-port if your kernel and iptables include port range
50           support.
51
52       USER/GROUP – [user][:group]
53           May only be specified if the SOURCE zone is $FW. Specifies the
54           effective user id and or group id of the process sending the
55           traffic.
56

FILES

58       /etc/shorewall6/notrack
59

SEE ALSO

61       shorewall6(8), shorewall6-accounting(5), shorewall6-actions(5),
62       shorewall6-blacklist(5), shorewall6-hosts(5), shorewall6-interfaces(5),
63       shorewall6-ipsec(5), shorewall6-params(5), shorewall6-policy(5),
64       shorewall6-providers(5), shorewall6-proxyarp(5),
65       shorewall6-route_rules(5), shorewall6-routestopped(5),
66       shorewall6-rules(5), shorewall6.conf(5), shorewall6-secmarks(5),
67       shorewall6-tcclasses(5), shorewall6-tcdevices(5),
68       shorewall6-tcrules(5), shorewall6-tos(5), shorewall6-tunnels(5),
69       shorewall-zones(5)
70

NOTES

72        1. shorewall6-exclusion
73           http://www.shorewall.net/manpages6/shorewall-exclusion.html
74
75
76
77[FIXME: source]                   09/16/2011             SHOREWALL6-NOTRACK(5)
Impressum