Bryan Vukich wrote:
> In /etc/shorewall/interfaces you probably want something along the
> following lines:
> #ZONE INTERFACE BROADCAST OPTIONS
> loc eth0 detect dhcp
> net eth1 detect norfc1918,blacklist
>
> In /etc/shorewall/policy you probably have a line that looks like:
> loc net ACCEPT
>
> If so, all traffic from loc to the internet will automatically be
> accepted, so you won't need an accept rule just for 192.168.6.2
>
> Now if you don't have the above policy on purpose, then the following
> rule in /etc/shorewall/rules will accomplish the same thing for that one
> IP:
> ACCEPT loc:192.168.63.2 all all
>
> But you probably don't want a rule such as:
> ACCEPT net:215.162.1.22 all all

Such rules cannot override RFC 1918 filtration.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
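
An added example, not part of the original thread or of Shorewall itself: a small lint over the interfaces and rules text quoted above that flags ACCEPT rules whose source is an RFC 1918 address in a zone filtered by `norfc1918`, which is the case the reply says a rule cannot override. The `net:10.1.2.3` rule is constructed for illustration, and the function names and the single-address/CIDR-only parsing are assumptions of this sketch.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Sample input: the first two rules are from the thread, the third is constructed.
INTERFACES = """#ZONE INTERFACE BROADCAST OPTIONS
loc eth0 detect dhcp
net eth1 detect norfc1918,blacklist
"""
RULES = """ACCEPT loc:192.168.63.2 all all
ACCEPT net:215.162.1.22 all all
ACCEPT net:10.1.2.3 all all   # constructed for this example
"""

def parse_columns(text):
    """Yield the whitespace-split columns of each non-comment, non-blank line."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            yield line.split()

def norfc1918_zones(interfaces_text):
    """Zones with at least one interface carrying the norfc1918 option."""
    zones = set()
    for cols in parse_columns(interfaces_text):
        options = cols[3].split(",") if len(cols) > 3 else []
        if "norfc1918" in options:
            zones.add(cols[0])
    return zones

def shadowed_rules(interfaces_text, rules_text):
    """ACCEPT rules with an RFC 1918 source in a norfc1918-filtered zone."""
    filtered = norfc1918_zones(interfaces_text)
    hits = []
    for cols in parse_columns(rules_text):
        if len(cols) < 2 or not cols[0].startswith("ACCEPT") or ":" not in cols[1]:
            continue
        zone, addr = cols[1].split(":", 1)
        try:
            source = ipaddress.ip_network(addr, strict=False)
        except ValueError:
            continue  # address lists, ranges, MACs: not handled in this sketch
        if zone in filtered and any(source.overlaps(r) for r in RFC1918):
            hits.append(" ".join(cols))
    return hits

if __name__ == "__main__":
    for rule in shadowed_rules(INTERFACES, RULES):
        print("ineffective behind norfc1918:", rule)
```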
