> Each "zone2zone" chain (e.g., net2fw) that has blacklist rules has
> a companion blacklisting chain with the same name but prefaced by
> "~". For example, 'net2fw' blacklist rules appear in the chain
> ~net2fw.
Actually, the '~' follows the name.
> The 'maclist' interface option can also generate rules that are
> traversed prior to those in the BLACKLIST section. If you want them
> to come after the the blacklist rules, simply recode your maclist
> rules in the NEW section of the rules file.
This isn't a very satisfactory solution. I'll work on it some more.
-Tom
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
