On 2007/01/19 15:47, Joerg Jaspert <[EMAIL PROTECTED]> wrote:
> def $IPS=(1.2.3.4 3.4.5.6 5.6.7.8)
>
> proto tcp dport 26 !$IPS REJECT;
>
> -> doesnt work, ferm doesnt know how to handle this. It should be, its
> live is easy rule handling. :)
>
> Yes, I know that I can write that as
>
> proto tcp dport 26 {
> $IPS ACCEPT;
> REJECT;
> }
>
> but thats ugly and IMO should be ferms job. :)
So where does the "ACCEPT" come from? I could imagine solving this by
creating custom chains, and doing:
chain custom_chain {
saddr $IPS RETURN;
your_action_here;
}
That would clutter the chain namespace, which I tried to avoid.
Opinions?
Max
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
