I wrote:

>They could probably be narrowed down to :
># RFC1918
>ACCEPT net:192.168.x.1 $FW udp 67-68
>HTTP(ACCEPT) loc net:192.168.x.1
>Telnet(ACCEPT) loc net:192.168.x.1
>Ping(ACCEPT) loc net:192.168.x.1
>DROP net:10.0.0.0/8 all
>DROP net:172.16.0.0/12 all
>DROP net:192.168.0.0/16 all
>DROP all net:10.0.0.0/8
>DROP all net:172.16.0.0/12
>DROP all net:192.168.0.0/16

Oops, there's a line missing there :

ACCEPT net:192.168.x.1 $FW udp 67-68
ACCEPT $FW net:192.168.x.1 udp 67-68

That's for DHCP between firewall and modem.

--
Simon Hobson