#
# Shorewall -- /etc/shorewall/rules
#
# For information on the settings in this file, type "man shorewall-rules"
#
# The manpage is also online at
# https://shorewall.org/manpages/shorewall-rules.html
#
##############################################################################################################################################################
#ACTION         SOURCE          DEST            PROTO   DPORT   SPORT   ORIGDEST        RATE    USER    MARK    CONNLIMIT       TIME    HEADERS SWITCH  HELPER

?SECTION ALL
?SECTION ESTABLISHED
?SECTION RELATED
?SECTION INVALID
?SECTION UNTRACKED
?SECTION NEW

DNS(DROP)       loc             fw
Ping(DROP)      loc             fw
AllowICMPs      loc             fw

DNS(ACCEPT)     fw              all
REJECT:info:kids            fw              all             -       -       -       !18.213.121.197,3.221.116.52,3.224.232.161,3.94.217.247,34.194.227.229,34.237.57.93,54.210.249.12,54.227.123.199,35.170.165.23,52.73.128.163,52.85.114.0/24             -       :kids


#SMB(ACCEPT)     loc             fw

#SSH(ACCEPT)    loc             fw
#ACCEPT         loc             fw              tcp     22      -               -               s:ssh:6/min:5

# Jabber (plain, ssl, file transfer)
#ACCEPT         loc             fw              tcp     5222,5223
#ACCEPT          loc             fw              tcp     8010    -               -               s:psi:10/min:5

# Gerrit
#ACCEPT          loc             fw              tcp     29418,8080

# OpenArena
#ACCEPT          loc             fw              udp     27960

# AlienArena
#ACCEPT          loc             fw              udp     27910,37279

#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE