alex wrote:
Hello Tom!
After i read and analyze some docs about IFB i decide that for implement
this feature in Shorewall not need more efforts (of course i may be wrong).
If we have 'ifb0' device then we must activate ingress discipline on real
device (f.e. eth2) and redirect 'egress'
Tom Eastep wrote:
alex wrote:
Hello Tom!
After i read and analyze some docs about IFB i decide that for
implement
this feature in Shorewall not need more efforts (of course i may be
wrong).
If we have 'ifb0' device then we must activate ingress discipline on real
device (f.e. eth2)
This functionality should be at a higher level than a firewall like
shorewall... my guess would be that Asterisk can do something like
that already (though I have never used it (-; ).
~David
On Wed, Mar 5, 2008 at 4:39 PM, Rick Bragg [EMAIL PROTECTED] wrote:
Hi,
I realize that this is
On Wed, Mar 05, 2008 at 11:39:56PM +, Rick Bragg wrote:
I realize that this is probably not possible for Shorewall, or any
firewall, but I'm not sure where else to turn, and I would really love
it if Shorewall could do this so here goes!
Is it possible to drop connections to my Voip
Previously:
*ACCEPT loc:$ADMIN all all*
with a non-existent variable ADMIN gererates an error:
*ERROR: Empty source zone or qualifier: rule ACCEPT loc: net all *
NOW IT BECOMES 'n' POLICIES FOR ALL ZONES IN YOUR FIREWALL.
It´s the same creating these policies:
loc net ACCEPT
loc dmz ACCEPT
Guilsson . wrote:
Previously:
*ACCEPT loc:$ADMIN all all*
with a non-existent variable ADMIN gererates an error:
*ERROR: Empty source zone or qualifier: rule ACCEPT loc: net all *
NOW IT BECOMES 'n' POLICIES FOR ALL ZONES IN YOUR FIREWALL.
It´s the same creating these policies:
loc net
Tom Eastep wrote:
See Shorewall FAQ 62 and either
a) Beat yourself violently about the head for ever believing that LDAP
authentication on a firewall was a good idea; or
b) List your LDAP server(s) IP address(es) in
/etc/shorewall/routestopped with the 'critical' option and hope for the