> > I don't know, now that I've set up shorewall on my router it seems > > like a simple matter to set it up on another machine. I should only > > need to edit a few config files with very light additions. > > > > - Grant > > Understand - to be honest I have moved to shorewall on almost all my > machines for uniformity, even though its rather more complex than > needed. > > > BillK
How does this /etc/shorewall/rules look for my router? DNS/ACCEPT $FW net Ping/REJECT net $FW DNAT net loc:192.168.0.3 tcp 50000 DNAT net loc:192.168.0.3 udp 50000 ACCEPT $FW loc icmp ACCEPT $FW net icmp Does this reject ssh requests from the net zone or do I need to specify that? It looks like maybe there is another set of basic ACCEPT/REJECT configs that this is modifying. Does anyone know which file that might reside in? If this looks good I'll set up something similar on the laptop. - Grant -- [EMAIL PROTECTED] mailing list
