On 05/18/2011 08:34 AM, Mr Dash Four wrote: > >> Yes. >> > No objection from me then - the "whitelist" entries only provide means > of directing the flow, so logging on the rest (blacklist entries) should > only depend on that option!
That's also my feeling. Plus, if BLACKLISTNEWONLY=No, then every packet in a whitelisted connenection would get logged; clearly a foolish thing to do. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ What Every C/C++ and Fortran developer Should Know! Read this article and learn how Intel has extended the reach of its next-generation tools to help Windows* and Linux* C/C++ and Fortran developers boost performance applications - including clusters. http://p.sf.net/sfu/intel-dev2devmay
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
