> For example, "src,vpn,whitelist" uniquely identifies this, I think, as > a "RETURN" condition in the blackout chain name (or whatever name you > decide to call this) to be included/added in the fw2vpn chain. > Similarly, "src,vpn" would identify a "DROP" condition for the > blackout chain to be included on the fw2vpn chain - the same principle > applies. I am, obviously, simplifying this (and there are probably > more complex scenarios than that), but this is to clarify that the > inclusion of a zone name is only for the purpose of identifying where > this whitelist/blacklist condition goes. If there is another - easier > - way, that so be it. "src" should really be "dst" - I am getting a bit mushy today!
------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
