[Shorewall-users] [Fwd: Question]

Tom Eastep Mon, 20 Oct 2008 09:21:52 -0700

I am forwarding this post to the Shorewall Users mailing list. The email
address '[EMAIL PROTECTED]' is reserved for sending large or
confidential attachments to the Shorewall support team.


See http://www.shorewall.net/support.htm

-Tom

-------- Original Message --------
Subject: Question
Date: Mon, 20 Oct 2008 11:30:04 +0000
From: Raul <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]

Good morning,
i'm trying to configure shorewall firewall in my laptop to reject all
conections to the site http://www.marca.com. My laptop is in the local
network of my company and we connect to Internet by a Proxy Server.
My config files are like this:

#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
#ZONE   TYPE             OPTIONS
fw      firewall
net     ipv4
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
#ZONE    INTERFACE      BROADCAST     OPTIONS
net       eth0           detect

#LAST LINE -- DO NOT REMOVE
#SOURCE ZONE     DESTINATION ZONE    POLICY     LOG     LIMIT:BURST
#                                               LEVEL
fw               net                 ACCEPT
net              all                 DROP       $LOG
all              all                 REJECT     $LOG

#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
#ACTION   SOURCE    DESTINATION     PROTO       DEST PORT(S)
#REJECT    fw        net:194.224.66.0/24         tcp          80
#ACTION   SOURCE    DESTINATION     PROTO
REJECT    net:eth0:194.224.66.0-194.224.66.255  fw


I always type a shorewall restart after changing any configuration file
and start ups with no problem.
My external device is eth0

kreator:/var/log/ulog# ip route ls
172.22.0.0/18 dev eth0  proto kernel  scope link  src 172.22.2.161
default via 172.22.0.1 dev eth0


With this configuration i think it should work fine but it doesnt. Where
is the problem?.

Thanks in advanced!!.

Best Regards:Raul.





-- 
Tom Eastep        \ The ultimate result of shielding men from the
Shoreline,         \ effects of folly is to fill the world with fools.
Washington, USA     \                                 -Herbert Spencer
http://shorewall.net \________________________________________________

signature.asc
Description: OpenPGP digital signature

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

[Shorewall-users] [Fwd: Question]

Reply via email to