On Tuesday, 28 August, 2012 09:31:31 cac...@quantum-sci.com wrote:
>
> Just installed psad and am testing it. This morning I awoke to an email
> saying:
>
> [-] You may just need to add a default logging rule to the /sbin/ip6tables
> 'filter' 'INPUT' chain on hydra. For more information,
>
On 08/31/2012 09:43 AM, Mark van Dijk wrote:
>
> If this is valid then as you can see it would allow me to have shared
> rules for the parent (loc) e.g. drop ICMP echo request from inet to
> loc, and specific rules for child zones. But I'm not sure if this is
> valid - eth1 is not the same as eth
Hi,
Say eth0 is connected to the Internet and eth1 is a trunk port connected
to a managed switch. Everything on that switch can be regarded to be a
member of the "loc" zone.
The other hosts are a member of one VLAN. They have arbitrary IP
addresses, outside of eth0's subnet. So, for example we ha
