Hi Boris Am 29.07.2013 18:17, schrieb Boris: > Hej all, > > > I'm looking for help in a shorewall rule thing: > > There's a local software on 192.168.20.1 communicating on some ports > with several hosts in the net, so the rules sound like > > ACCEPT loc:192.168.20.1 net:host1.theirdom.de 80,443 > ACCEPT loc:192.168.20.1 net:host2.theirdom.de 80,999 > > host1 is resolved to a different IP than host2. > > Because the communication still doesn't work, I was asking (at least > three times) for the complete set of communications that have to be > accepted and got new rules every time. > Now, that it's beginning to hurt, they tell me I should accept traffic > to all hosts *.theirdom.de. In fact, theirdom.de cannot be resolved. > > So, what to do? Is it possible to work with a wildcard? The longer I > think about, it seems to be nonsense....
AFAIK iptables, and therefor shorewall, does not support wildcards for domains. Supported are ip ranges, see http://shorewall.net/configuration_file_basics.htm#IPRanges For more in-depth knowledge you'd better ask on shorewall mailing-lists. regards kp ------------------------------------------------------------------------------ Get your SQL database under version control now! Version control is standard for application code, but databases havent caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out. http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/