NAME<\/a> addresses \u2212 Specifying addresses within a Shorewall configuration<\/p>\n In both Shorewall and Shorewall6, there are two basic types of addresses:<\/p>\n Host Address<\/p>\n This address type refers to a single host.<\/p>\n In IPv4, the format is i.j.k.l<\/i> where i<\/i> through l<\/i> are decimal numbers between 1 and 255.<\/p>\n In IPv6, the format is a:b:c:d:e:f:g:h<\/i> where a<\/i> through h<\/i> consist of 1 to 4 hexadecimal digits (leading zeros may be omitted). a single series of 0 addresses may be omitted. For example 2001:227:e857:1:0:0:0:0:1 may be written 2001:227:e857:1::1.<\/p>\n Network Address<\/p>\n A network address refers to 1 or more hosts and consists of a host address followed by a slash (“\/”) and a Variable Length Subnet Mask (VLSM). This is known as Classless Internet Domain Routing (CIDR) notation.<\/p>\n The VLSM is a decimal number. For IPv4, it is in the range 0 through 32. For IPv6, the range is 0 through 128. The number represents the number of leading bits in the address that represent the network address; the remainder of the bits are a host address and are generally given as zero.<\/p>\n Examples:<\/p>\n IPv4: 192.168.1.0\/24<\/p>\n IPv6: 2001:227:e857:1:0:0:0:0:1\/64<\/p>\n In the Shorewall documentation and manpages, we have tried to make it clear which type of address is accepted in each specific case.<\/p>\n Because Shorewall uses a colon (“:”) as a separator in many contexts, IPv6 addresses are best written using the standard convention in which the address itself is enclosed in square brackets:<\/p>\n [2001:227:e857:1::1] Entries in Shorewall configuration files often deal with the source (SOURCE) and destination (DEST) of connections and Shorewall implements a uniform way for specifying them.<\/p>\n A SOURCE or DEST consists of one to three parts separated by colons (“:”):<\/p>\n 1. ZONE \u2014 The name of a zone declared in \/etc\/shorewall\/zones or \/etc\/shorewall6\/zones. This part is only available in the rules file (\/etc\/shorewall\/rules, \/etc\/shorewall\/blrules,\/etc\/shorewall6\/rules and \/etc\/shorewall6\/blrules).<\/p>\n 2. INTERFACE \u2014 The name of an interface that matches an entry in \/etc\/shorewall\/interfaces (\/etc\/shorewall6\/interfaces).<\/p>\n Beginning with Shorweall 5.2.1, the interface<\/i> may be preceded with ‘!’ which matches all interfaces except the one specified.<\/p>\n 3. ADDRESS LIST \u2014 A list of one or more addresses (host or network) or address ranges, separated by commas. In an IPv6 configuration, this list must be included in square or angled brackets (“[…]” or “<...>“). The list may have exclusion.<\/p>\n Examples.<\/p>\n 1. All hosts in the net<\/b> zone \u2014 net<\/b><\/p>\n 2. Subnet 192.168.1.0\/29 in the loc<\/b> zone \u2014 loc:192.168.1.0\/29<\/b><\/p>\n 3. All hosts in the net zone connecting through ppp0 \u2014 net:ppp0<\/b><\/p>\n 4. All hosts interfaced by eth3 \u2014 eth3<\/b><\/p>\n 5. Subnet 10.0.1.0\/24 interfacing through eth2 \u2014 eth2:10.0.1.0\/24<\/b><\/p>\n 6. Host 2002:ce7c:92b4:1:a00:27ff:feb1:46a9 in the loc<\/b> zone \u2014 loc:[2002:ce7c:92b4:1:a00:27ff:feb1:46a9]<\/b><\/p>\n 7. The primary IP address of eth0 in the $FW zone \u2212 $FW:ð0<\/b><\/p>\n 8. All hosts in Vatican City \u2212 net:^VA<\/b> (Requires the GeoIP Match<\/i> capability).<\/p>\n If you kernel and iptables have IP Range match support<\/i>, you may use IP address ranges in Shorewall configuration file entries; IP address ranges have the syntax <low IP address<\/i>>\u2212<high IP address<\/i>>.<\/p>\n Example: 192.168.1.5\u2212192.168.1.12.<\/p>\n For more information about addressing, see theSetup Guide<\/font><\/b> [1]<\/font><\/small> .<\/font><\/p>\n 1.<\/font><\/p>\n<\/td>\n Setup Guide<\/font><\/p>\n<\/td>\n https:\/\/shorewall.org\/manpages\/shorewall_setup_guide.htm#Addressing<\/font><\/p>\n addresses \u2212 Specifying addresses within a Shorewall configuration <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[959],"tags":[961,1291,1490],"class_list":["post-4527","post","type-post","status-publish","format-standard","hentry","category-5-formatos-de-ficheros","tag-961","tag-man5","tag-shorewall-addresses"],"gutentor_comment":0,"_links":{"self":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/4527","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/comments?post=4527"}],"version-history":[{"count":0,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/4527\/revisions"}],"wp:attachment":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/media?parent=4527"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/categories?post=4527"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/tags?post=4527"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
DESCRIPTION<\/a>
SPECIFYING SOURCE AND DEST<\/a>
IP ADDRESS RANGES<\/a>
SEE ALSO<\/a>
NOTES<\/a> <\/p>\n
\nNAME <\/a> <\/h2>\n
DESCRIPTION <\/a> <\/h2>\n
[2001:227:e857:1::]\/64<\/p>\nSPECIFYING SOURCE AND DEST <\/a> <\/h2>\n
IP ADDRESS RANGES <\/a> <\/h2>\n
SEE ALSO <\/a> <\/h2>\n
NOTES <\/a> <\/h2>\n
\n
\n <\/td>\n \n <\/td>\n \n <\/td>\n<\/tr>\n<\/table>\n
\n","protected":false},"excerpt":{"rendered":"