! typo: > loc net ACCEPT all all REJECT should be: loc net ACCEPT all all REJECT
Tom Hendrickx schrieb: > Hi, > > this is what I would do! > keep your policy very simple: /etc/shorewall/policy > loc net ACCEPT all all REJECT > > and specify what can come through in the rules files: > here you add this: > > #ACTION SOURCE DEST PROTO DEST SOURCE > # PORT PORT > ACCEPT net:121.121.12.11 loc:192.168.1.2 - - 511 > > I hope this helped you! > Grtz, > Tom > > Citeren Arpan Jindal <[EMAIL PROTECTED]>: > >> hi all >> >> i have installed shorewall on linux machine. shorewall machine is having 2 >> lan cards on having public ip(121.121.12.12) and other having local lan ip( >> 192.168.1.1). The input for public ip(121.121.12.12) is coming from cisco >> router having ip address(121.121.12.11). There is one more machine in local >> lan having nagius running on it and with ip 192.168.1.2. >> >> Issues i am facing is to set which rule in shorewall so that shorewall only >> allow traffic from router (121.121.12.11)with port 511 can go to 192.168.1.2 >> . >> >> >> >> but i want to make shure that that port should not be open for rest all. >> >> >> >> Thanks >> ------------------------------------------------------------------------- >> This SF.net email is sponsored by the 2008 JavaOne(SM) Conference >> Don't miss this year's exciting event. There's still time to save $100. >> Use priority code J8TL2D2. >> http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone >> ------------------------------------------------------------------------ >> leaf-user mailing list: leaf-user@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/leaf-user >> Support Request -- http://leaf-project.org/ >> >> > > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by the 2008 JavaOne(SM) Conference > Don't miss this year's exciting event. There's still time to save $100. > Use priority code J8TL2D2. > http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone > ------------------------------------------------------------------------ > leaf-user mailing list: leaf-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/leaf-user > Support Request -- http://leaf-project.org/ > ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
