Hi Tom Am 12.03.2015 um 15:47 schrieb Tom Eastep: > On 3/5/2015 7:39 AM, Erich Titl wrote: >> Hi Folks >> >> I need to temporarily allow HTTP connections from my shorewall based >> LEAF box, preferrably without having to touch the shorewall files and be >> able to stop this functionality again. >> >> I looked a bit at the very extensive shorewall docs, but nothing >> immediately caught my eyes. It would be nice to somehow do it like the >> port knocking mechanism. >> > > Hi Erich, > > I just released 4.6.8 Beta 1 which includes 'open' and 'close' commands. > The 'open' command does what you are asking and the 'close' command > reverses the effect of a preceding 'open'.
This is great news, thanks for considering it. We have AP# shorewall version 4.6.5.4 as the current standard, but this is just the perfect fit. Right now I am just saving the current setting, inserting a rule into into fw-net and at the end restoring the shorewall settings, using the standard shorewall save and restore interface. Do your open and close commands survive multiple parallel invocations? My method for sure will disable the second process if the first one fails. cheers and thanks Erich
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
