Tom,

I've just packaged upnpd.lrp, which is a daemon that creates dynamic firewall and NAT rules. In order for it to run cleanly and not interfere with shorewall, I'd like to write shorewall rules to call tables that would be managed by upnpd directly. These tables could be empty, or could have ACCEPT (in FORWARD) or DNAT (in PREROUTING) rules in them.

What's the *cleanest* way for me to document how this should be done?

Without shorewall, I'd just say:

        FORWARD:
                <add your static rules here>
                <create some rules to restrict the scope of upnpd
                 (like drop connections to ports < 1024)>
                jump UPNPD_forward
                <do the normal drop/log/reject/accounting rules>

Thanks,

Paul
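
The chain layout sketched in the message above, written out as a plain iptables-restore ruleset (an added example, not part of the original message and not Shorewall or upnpd configuration). The interface names and the `UPNPD_prerouting` chain name are assumptions; only `UPNPD_forward` appears in the message.

```shell
#!/bin/sh
# Added example: prints a ruleset, it does not touch the running firewall.
EXT_IF="${EXT_IF:-eth0}"   # assumed external interface
INT_IF="${INT_IF:-eth1}"   # assumed internal interface

upnpd_ruleset() {
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:UPNPD_prerouting - [0:0]
# Only unprivileged external ports ever reach the daemon-managed DNAT chain
# (UPNPD_prerouting is a hypothetical name; it starts out empty).
-A PREROUTING -i $EXT_IF -p tcp --dport 1024:65535 -j UPNPD_prerouting
-A PREROUTING -i $EXT_IF -p udp --dport 1024:65535 -j UPNPD_prerouting
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:UPNPD_forward - [0:0]
# 1. Static rules first, so nothing the daemon adds can override them.
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $INT_IF -o $EXT_IF -j ACCEPT
# 2. Scope restriction. FORWARD sees the destination port *after* DNAT, so
#    this guards internal ports below 1024; external ports are limited in
#    the nat table above.
-A FORWARD -i $EXT_IF -o $INT_IF -p tcp --dport 0:1023 -j DROP
-A FORWARD -i $EXT_IF -o $INT_IF -p udp --dport 0:1023 -j DROP
# 3. Hand the remaining inbound traffic to the daemon-managed chain.
#    An empty chain returns here without accepting anything.
-A FORWARD -i $EXT_IF -o $INT_IF -j UPNPD_forward
# 4. Normal log/drop tail for whatever the daemon did not accept.
-A FORWARD -j LOG --log-prefix "FORWARD drop: "
-A FORWARD -j DROP
COMMIT
EOF
}
```

The output can be syntax-checked without loading it by piping it through `iptables-restore --test`. INPUT is left at its default here because the message only concerns FORWARD and PREROUTING.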

