Tom:

I have Shorewall v 4.5.21.6 and am trying IPSET. When I put the following in 
the blrules file:

#ACTION         SOURCE                  DEST PROTO   DEST    SOURCE          ORIGINAL        RATE USER/   MARK    CONNLIMIT       TIME
#
DROP            net:+blacklist4

and refreshed, I got the following:

Compiling...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Compiling /etc/shorewall/zones...
Compiling /etc/shorewall/interfaces...
Determining Hosts in Zones...
Locating Action Files...
Compiling /etc/shorewall/policy...
Adding Anti-smurf Rules
Adding rules for DHCP
Compiling TCP Flags filtering...
Compiling Kernel Route Filtering...
Compiling Martian Logging...
Compiling Accept Source Routing...
Compiling /etc/shorewall/masq...
Compiling MAC Filtration -- Phase 1...
Compiling /etc/shorewall/blrules...
    ERROR: Missing destination zone /etc/shorewall/blrules (line 13)

Then when I added "all" in the destination zone:

#ACTION         SOURCE                  DEST PROTO   DEST    SOURCE          ORIGINAL        RATE USER/   MARK    CONNLIMIT       TIME
#
DROP            net:+blacklist4          all

It worked!

Is this the way it is supposed to work, having to supply both source and 
destination? Your sample does not show this.
Does version 5 do the same thing when I upgrade?
-- 
Eric Teeter
