Lucky Leavell wrote: > When using v2 we would modify the saved /var/lib/shorewall/restore file to > modify logging so we had separate counts by the physical device the > packets (actually, NEW connections, not total packet counts), such as: > > -A LogStuff -j LOG etc > -A LogStuff -m physdev --physdev-in eth1 -j DROP > -A LogStuff -m physdev --physdev-in eth2 -j DROP > > which gave us an idea where dropped traffic cam from (external internet or > local lan). > > Is there an easy way of doing this within Shorewall such as the macro > facility or what? >
I guess I don't understand what you are trying to accomplish, given the above snippet. But you can create similar rules using an action with an extension script: http://www.shorewall.net/Actions.html#Extension -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
