On 04/09/2013 08:46 AM, Mr Dash Four wrote: > >>> OK, I have a couple of queries: was there a reason for including the >>> protocol and port number columns? That adds an unnecessary complexity to >>> me in my view - what if I want to use ipsets as protocol & port numbers? >>> I am also assuming that this is a destination port - what happens if a >>> source port is needed instead? >>> >>> Could you not just leave the syntax as "INLINE <src> <dst> ; >>> <the_rest_of_the_statement>"? >>> >> >> I'm *requiring* protocol and port numbers; but you can specify them if >> you want. In fact, you can specify *any* of the existing columns but the >> only columns that are required are SOURCE and DEST. >> > Erm, you've lost me. > > On one hand you are "requiring protocol and port numbers", but on the > other "the only columns that are required are SOURCE and DEST" - that's > a bit contradictory. So to just make it clear - if I specify "INLINE $FW > net ; -p tcp --dport 1234 -m mickey-mouse --name foo -j SECCTX --name > foo2" or "INLINE $FW net ; -j SECCTX --name foo2", would that be OK with > shorewall (provided I've included "SECCTX builtin" in my "actions", of > course)? >
Sorry -- I'm trying to do 12 things at once. I am *not* requiring any columns except SOURCE and DEST. Your examples would work fine. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________ Shorewall-devel mailing list Shorewall-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-devel
