On Sep 27, 2011, at 3:31 PM, Mr Dash Four wrote: > I am increasingly getting frustrated by the following 2 > blacklist/whitelist limitations: 1) they are applied to all zones; and > 2) I cannot specify owner/user id (handy where the direction is fw2XX > and traffic can be restricted/allowed by owner id). > > Would it be possible to introduce another option in the "options" column > specifying the zone to which the defined address/subnet applies? That, > combined with the existing src/dst option should be enough to narrow it > down to a specific branch of that zone. Same query with the user > id/owner - can there be an additional column in the blacklist file for > this? Obviously, that will only be applicable to outgoing traffic. >
Seems to me that we are re-inventing the wheel here. Everything you want can already be done in the rules file. -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
