Re: [leaf-user] Dropping external cruft by destination IP/port in Shorewall

2005-11-16 Thread Tom Eastep
On Tuesday 15 November 2005 04:30, Charles Steinkuehler wrote: > Plus, I think the > place to state src/dst for ports is in the second sentence. I think > something like the following would be more clear: Thanks for the suggestion -- I've updated both the 2.x and 3.x doc as you suggest. -Tom --

Re: [leaf-user] Dropping external cruft by destination IP/port in Shorewall

2005-11-15 Thread Charles Steinkuehler
Tom Eastep wrote: | -- | http://www1.shorewall.net/Documentation.htm#Blacklist | http://www1.shorewall.net/2.0/Documentation.htm#Blacklist | | PORTS | | Optional; may onl

Re: [leaf-user] Dropping external cruft by destination IP/port in Shorewall

2005-11-14 Thread Erich Titl
Tom Tom Eastep wrote: ... > -- > http://www1.shorewall.net/Documentation.htm#Blacklist > http://www1.shorewall.net/2.0/Documentation.htm#Blacklist > > PORTS > > Optional; may only be given if PROTOCOL is tcp, udp or

Re: [leaf-user] Dropping external cruft by destination IP/port in Shorewall

2005-11-14 Thread Tom Eastep
On Monday 14 November 2005 19:20, Charles Steinkuehler wrote: > Tom Eastep wrote: > | On Saturday 12 November 2005 04:59, Charles Steinkuehler wrote: > |> | What's the "right" way to do this in shorewall? > |> > |> Never mind...after testing some blacklist rules (and some sleep!), I > |> noticed th

Re: [leaf-user] Dropping external cruft by destination IP/port in Shorewall

2005-11-14 Thread Tom Eastep
On Monday 14 November 2005 19:20, Charles Steinkuehler wrote: > > Next up...trying to get IPSec working on debian with a patched kernel and > iptables. I've got everything compiled and the kernel even runs (thanks to > tips at the shorewall site!), I just haven't had time to learn the new 2.6 > I

Re: [leaf-user] Dropping external cruft by destination IP/port in Shorewall

2005-11-14 Thread Charles Steinkuehler
Tom Eastep wrote: | On Saturday 12 November 2005 04:59, Charles Steinkuehler wrote: | |> | |> | What's the "right" way to do this in shorewall? |> |> Never mind...after testing some blacklist rules (and some sleep!), I |> noticed the port specificait

Re: [leaf-user] Dropping external cruft by destination IP/port in Shorewall

2005-11-14 Thread Tom Eastep
On Saturday 12 November 2005 04:59, Charles Steinkuehler wrote: > | > | What's the "right" way to do this in shorewall? > > Never mind...after testing some blacklist rules (and some sleep!), I > noticed the port specifications in the blacklist file are destination > ports, so I can block the above

Re: [leaf-user] Dropping external cruft by destination IP/port in Shorewall

2005-11-12 Thread Charles Steinkuehler
Charles Steinkuehler wrote: | I'm migrating to a cable-modem internet connection, and am getting all the | external junk that goes along with the 'shared' nature of this type of link. | | I'd like to drop a bunch of junk that's currently getting logg

[leaf-user] Dropping external cruft by destination IP/port in Shorewall

2005-11-11 Thread Charles Steinkuehler
I'm migrating to a cable-modem internet connection, and am getting all the external junk that goes along with the 'shared' nature of this type of link. I'd like to drop a bunch of junk that's currently getting logged, but am not sure the best way to