> Seems to me that we are re-inventing the wheel here. Everything you want can > already be done in the rules file. > Not really! blacklist/whitelist entries are usually the first and precede anything else in a given chain - its their most valuable asset and is the reason I'd like these new features implemented in them.
I know I could place a bunch of rules in the "rules" file, but they will be useless, because: 1) the blacklist/whitelist will already have been checked; and 2) These rules will be after anything that usually gets processed in a given chain - related/established connection rules, dropInvalid and various other macros as well. ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
