notrack — shorewall notrack file
/etc/shorewall/notrack
The notrack file is used to exempt certain traffic from Netfilter connection tracking. Traffic matching entries in this file will not be tracked.
The file was added in shorewall-perl 4.2.7 and is not supported by shorewall-shell or by earlier versions of shorewall-perl.
The columns in the file are as follows.
where zone is the name of a zone, interface is an interface to that zone, and address-list is a comma-separated list of addresses (may contain exclusion - see shorewall-exclusion(5)).
[address-list]
where address-list is a comma-separated list of addresses (may contain exclusion - see shorewall-exclusion(5)).
protocol-name-or-number
A protocol name from /etc/protocols or a protocol number.
A comma-separated list of port numbers and/or service names from /etc/services. May also include port ranges of the form low-port:high-port if your kernel and iptables include port range support.
A comma-separated list of port numbers and/or service names from /etc/services. May also include port ranges of the form low-port:high-port if your kernel and iptables include port range support.
[user][:group]
May only be specified if the SOURCE zone is $FW. Specifies the effective user id and/or group id of the process sending the traffic.
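The column rules above can be checked mechanically before a notrack file is deployed. The following linter is an added example, not part of Shorewall or of this manual page. It assumes six whitespace-separated columns in the order described above, `-` as the placeholder for an omitted column, and `#` comments; the whole-zone warning is a review heuristic of this example, and the sample entries are constructed.

```python
COLUMNS = ("source", "dest", "proto", "dport", "sport", "user")  # order described above
FW_ZONE = "$FW"

def parse_entry(line):
    """Return a dict of the six columns, or None for a blank or comment line."""
    fields = line.split("#", 1)[0].split()
    if not fields:
        return None
    fields += ["-"] * (len(COLUMNS) - len(fields))  # "-" = omitted column (assumed)
    return dict(zip(COLUMNS, fields))

def lint(text):
    """Return a list of (line_number, message) findings for notrack entries."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        e = parse_entry(line)
        if e is None:
            continue
        zone = e["source"].split(":", 1)[0]  # first part of zone:interface:address-list
        # The user/group column is only valid when the SOURCE zone is $FW.
        if e["user"] != "-" and zone != FW_ZONE:
            findings.append((n, "USER/GROUP given but SOURCE zone is not $FW"))
        # Port matching needs a protocol to match against.
        if e["proto"] == "-" and (e["dport"] != "-" or e["sport"] != "-"):
            findings.append((n, "port list given without a protocol"))
        # Heuristic: a bare zone with no other restriction untracks everything from it.
        if ":" not in e["source"] and e["dest"] == "-" and e["proto"] == "-":
            findings.append((n, "whole zone exempted from tracking; narrow the entry"))
    return findings

# Constructed sample entries (documentation address ranges, hypothetical zones).
SAMPLE = """\
# source                dest          proto  dport  sport  user
net:eth0:192.0.2.0/24   198.51.100.5  udp    53
$FW                     -             tcp    -      -      named
loc                     -             tcp    80     -      www-data
dmz:eth2                -             -      6000
dmz
"""

if __name__ == "__main__":
    for n, msg in lint(SAMPLE):
        print(f"line {n}: {msg}")
```
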
shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5), shorewall-ipsec(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5), shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-route_rules(5), shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5)