Andras Sarkozy wrote: > Hi Tom, > > It works so far! > > Thanks a lot (thinking how to test ipsets in rules :) > > Best wishes, > Andras >
Hi Tom, Ipset works in the ACCEPT rule like: ACCEPT bnet:+mycomputers all - - ACCEPT:debug anet:+mycomputers all - - ACCEPT:info cnet:+mycomputers all - - I tried the following and it did not work probably because I did not RTFM but I was hoping to make the ports opening dynamic through ipset: ACCEPT bnet wan:$MAILIP tcp +mailports where [EMAIL PROTECTED]/etc/shorewall]# ipset -N mailports portmap --from 1 --to 1023 [EMAIL PROTECTED]/etc/shorewall]# ipset -A mailports 20 [EMAIL PROTECTED]/etc/shorewall]# ipset -A mailports 21 [EMAIL PROTECTED]/etc/shorewall]# ipset -A mailports 25 Well,, I'll continue to make discoveries with ipset. I see a tremendous opportunity to use them especially for dynamic configurations! Andras ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users