On 2/20/2015 8:50 AM, Donald S. Doyle wrote: > Version 4.5.5.3 > > Not sure how you mean configured, I use the blacklist file >
Well, by default, entries in the blacklist file reject NEW connections FROM listed addresses. They don't sever existing connections and they don't prevent systems in your local network (including the gateway) from connecting to those addresses. My recommendation would be to upgrade to 4.6 (use the repository at http://people.connexer.com/~roberto/debian/) and begin using the blrules file. Pay particular attention to the BLACKLIST setting in shorewall.conf. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=190641631&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
