On 4/17/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Basically I want to do this: allow unrestricted VPN traffic to flow through
> the servers (which works now, thanks to your articles), but not allow access
> to any service to anyone unless they are on the vpn. (unable to check email,
> download files, or do anything to my server) I will need to allow the email
> server to receive emails at any time of course. I was thinking something
> like this in the macro.files

All you need is a policy which goes something like

vpn fw ACCEPT

By default all services are blocked. After this add rules as you see fit to
allow only those services which you are ready to expose.

ACCEPT net fw tcp 25 # for email smtp server

Prasanna.

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users