I have a couple devices, such as a DVR, on the local net (loc) that I do 
not want to have access to the Internet. Remember the recent DDOS 
attacks that originated with Iot devices!  I added this to shorewall rules.

DROP loc:192.168.1.x,192.168.1.y net all

They get their time from the local time server so they have no reason to 
access the net.

I have not tested this, but at least shorewall compiles and runs. Any 
comments.

Victor


------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Reply via email to