Hi,

Here's a snippet of my rules file:

DNAT net1 loc:10.215.145.120:443 tcp 30443
DNAT net1 loc:10.215.144.95:80 tcp 30080
# ACCEPT net1 $FW tcp 30443,30080
ADD(POL_BL:src):info:polbl,add2polbl net1,net2,net3,net4:!+POL_BL,+GLOBAL_WL all

I'd like ADD() to be "executed", but only if traffic has not been ACCEPT'ed or DNAT'ed.

The above lines "run" ADD() even when there's a match for the DNAT rules.

If I uncomment the 3rd line then ADD() is not reached, as expected. However, I'd rather not use the 3rd line.

How can I configure the rules file so that ADD() is not reached when a DNAT entry like the ones above is matched?

Thanks,

Vieri