Tom Eastep wrote: > Bulgrien, Kevin wrote: > >> I have sent etc_shorewall_net2fw.tar.bz2 to you directly instead of >> over the list. >> > > Your net->all policy is CONTINUE. Since 'net' is not a sub-zone of any other > zone, rules from net->fw fall off the end of the world.
In other words, if you change your net->all policy to DROP or REJECT, then you won't need to extra rule. I've added a patch to 4.0.3 (Shell and Perl) to avoid this problem in the future Thanks, -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
