>> OK, I have a couple of queries: was there a reason for including the >> protocol and port number columns? That adds an unnecessary complexity to >> me in my view - what if I want to use ipsets as protocol & port numbers? >> I am also assuming that this is a destination port - what happens if a >> source port is needed instead? >> >> Could you not just leave the syntax as "INLINE <src> <dst> ; >> <the_rest_of_the_statement>"? >> > > I'm *requiring* protocol and port numbers; but you can specify them if > you want. In fact, you can specify *any* of the existing columns but the > only columns that are required are SOURCE and DEST. > Erm, you've lost me.
On one hand you are "requiring protocol and port numbers", but on the other "the only columns that are required are SOURCE and DEST" - that's a bit contradictory. So to just make it clear - if I specify "INLINE $FW net ; -p tcp --dport 1234 -m mickey-mouse --name foo -j SECCTX --name foo2" or "INLINE $FW net ; -j SECCTX --name foo2", would that be OK with shorewall (provided I've included "SECCTX builtin" in my "actions", of course)? ------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter _______________________________________________ Shorewall-devel mailing list Shorewall-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-devel
