On 2/16/2014 11:58 AM, Dash Four wrote: > >> I get your point, but I don't want to have any broadcast/multicast >> traffic traversed at all. In other words, I don't want to have >> "normal" traffic traversing through "multicast" or "broadcast" >> rules unnecessarily as I am simply not interested in having that >> kind of traffic - there is no need (at least in my case). The >> default action on OUTPUT is fine, better still, if I have a single >> set or action/rule at the bottom of that chain for such traffic, >> before the default OUTPUT action - that would be even better. > I should make it clearer that I could manage to get such action > inserted in the OUTPUT chain - the above wasn't a request for you to > do anything, I was just canvassing an opinion.
If you define a fw->all policy, then Shorewall will enforce that policy at the end of the OUTPUT chain. You can then define the default action for that policy to do anything you want. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Android apps run on BlackBerry 10 Introducing the new BlackBerry 10.2.1 Runtime for Android apps. Now with support for Jelly Bean, Bluetooth, Mapview and more. Get your Android app in front of a whole new audience. Start now. http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
