Tom Eastep wrote: > On 05/12/2013 07:58 AM, Dash Four wrote: > >> As I suggested earlier, the easiest way to implement this is to add an >> option to the interface (or zone?) definition which asks shorewall not >> to involve this interface (or zone) in any inter-chain rules (i.e. keep >> it local-only). That way all I have to do is add this option and forget >> messing about with "hosts" and stuff like that. >> >> The 'local' interface/zone can't possibly have any matching rules >> from/to other interfaces/zones, so to me it makes a perfect sense to use >> that option. Is this doable? >> > > Patch attached. It has uncovered an optimizer bug that is leaving a few > unreferenced chains behind; I'll chase that today. > Thanks, I'll test this later when I have the chance and will let you know. Is this option for the zone or the interface?
------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
