I have a couple devices, such as a DVR, on the local net (loc) that I do not want to have access to the Internet. Remember the recent DDOS attacks that originated with Iot devices! I added this to shorewall rules.
DROP loc:192.168.1.x,192.168.1.y net all They get their time from the local time server so they have no reason to access the net. I have not tested this, but at least shorewall compiles and runs. Any comments. Victor ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/