shorewall-exclusion(5)

1shorewall-exclusion(5)                                  shorewall-exclusion(5)
2
3
4

NAME

6       exclusion  -  Exclude  a  set of hosts from a definition in a shorewall
7       configuration file.
8

SYNOPSIS

10       ! address-or-range[, address-or-range] ...
11

DESCRIPTION

13       Exclusion is used when you wish to exclude one or more addresses from a
14       definition. An exclaimation point is followed by a comma-separated list
15       of addresses.  The  addresses  may  be  single  host  addresses  (e.g.,
16       192.168.1.4)  or  they  may  be network addresses in CIDR format (e.g.,
17       192.168.1.0/24). If your kernel and iptables include  iprange  support,
18       you  may  also  specify  ranges of ip addresses of the form lowaddress-
19       highaddress
20
21       No embedded whitespace is allowed.
22
23       Exclusion can appear after a list of addresses and/or  address  ranges.
24       In  that  case, the final list of address is formed by taking the first
25       list and then removing the addresses defined in the exclusion.
26

EXAMPLES

28       Example 1 - All IPv4 addresses except 192.168.3.4
29              !192.168.3.4
30
31       Example 2 - All IPv4 addresses except the  network  192.168.1.0/24  and
32       the host 10.2.3.4
33              !192.168.1.0/24,10.1.3.4
34
35       Example    3    -    All    IPv4    addresses    except    the    range
36       192.168.1.3-192.168.1.12 and the network 10.0.0.0/8
37              !192.168.1.3-192.168.1.12,10.0.0.0/8
38
39       Example 4 - The network 192.168.1.0/24  except  hosts  192.168.1.3  and
40       192.168.1.9
41              192.168.1.0/24!192.168.1.3,192.168.1.9
42

FILES

44       /etc/shorewall/hosts
45
46       /etc/shorewall/masq
47
48       /etc/shorewall/rules
49
50       /etc/shorewall/tcrules
51

53       shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-
54       blacklist(5), shorewall-hosts(5),  shorewall-interfaces(5),  shorewall-
55       ipsec(5),  shorewall-maclist(5),  shorewall-masq(5),  shorewall-nat(5),
56       shorewall-netmap(5), shorewall-params(5),  shorewall-policy(5),  shore‐
57       wall-providers(5),   shorewall-proxyarp(5),   shorewall-route_rules(5),
58       shorewall-routestopped(5),    shorewall-rules(5),    shorewall.conf(5),
59       shorewall-tcclasses(5),  shorewall-tcdevices(5),  shorewall-tcrules(5),
60       shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5)
61
62
63
64                                  19 May 2008           shorewall-exclusion(5)

NAME

SYNOPSIS

DESCRIPTION

EXAMPLES

FILES

SEE ALSO