Linux Advocate wrote:
> ...
>> I have a simple two interface firewall. The firewall machine also provides
>> some services to the LAN and to the NET.
>> What I would like to do is allow only a particular range of IPs from the
>> internet to access those services.
>>
>> What do I need to do with my 'rules' file? Ideally I should be able to add
>> ip, remove ip as required.
>>
>> Can I make a file called 'Authorized_IP.txt' and use that?
>
> or would it be better to edit the policy file?

If you expect to have a set of common rules for this particular range of IPs, then creating a separate zone and adding/removing hosts from that zone using the hosts file (and setting its access via the policy and rules files) makes good sense.

http://www.shorewall.net/Multiple_Zones.html is probably a good place to start reading about this.

Paul

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
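
An added example, not part of the original thread, sketching the separate-zone layout the reply describes. The zone name `auth`, the interface `eth0`, the addresses (documentation ranges) and the two ports are assumptions chosen for illustration.

```conf
# --- /etc/shorewall/zones ---
# Existing two-interface zones plus one new zone.
# "auth:net" declares auth (assumed name) as a sub-zone of net, so
# packets from the listed hosts are matched to auth before net.
#ZONE       TYPE
fw          firewall
net         ipv4
loc         ipv4
auth:net    ipv4

# --- /etc/shorewall/hosts ---
# The only file to edit when an IP is added or removed.
# eth0 is assumed to be the internet-facing interface.
#ZONE   HOST(S)
auth    eth0:203.0.113.0/24,198.51.100.17

# --- /etc/shorewall/policy ---
# Put this line above the existing net and all entries.
# Default for the authorized range stays closed; the rules
# file opens only the named services.
#SOURCE DEST    POLICY  LOG LEVEL
auth    $FW     DROP    info

# --- /etc/shorewall/rules ---
# Services on the firewall reachable from the authorized range only
# (ports are assumed examples).
#ACTION SOURCE  DEST    PROTO   DEST PORT(S)
ACCEPT  auth    $FW     tcp     22
ACCEPT  auth    $FW     tcp     443
```

Any existing ACCEPT rules from `net` to `$FW` for the same ports have to be removed, otherwise every internet host still reaches those services. After editing the hosts file, `shorewall check` validates the configuration before `shorewall restart` applies it.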
