Rhon wrote:
> Hi,
>
> Is there any way I can allow my internal server to bypass the firewall and have direct connection? I usually do it using this rule:
You are not "bypassing the firewall"; you are configuring your firewall to allow certain traffic.
> # Allow this IP to have direct connection
> iptables -A FORWARD -i eth0 -d 192.168.1.100/24 -j ACCEPT
> iptables -A FORWARD -i eth1 -s 192.168.1.100/24 -j ACCEPT
>
> How can I convert it to fit shorewall rules?
There is no way to directly convert those rules without more information about your setup. When using Shorewall, you must describe your firewall in Shorewall terms (zones, policies and rules) rather than in raw iptables terms (interfaces and networks).
So if you will tell us about your network topology and Shorewall configuration, we can then advise you how to configure Shorewall to obtain similar results.
-Tom
--
Tom Eastep        \ Nothing is foolproof to a sufficiently talented fool
Shoreline,        \ http://shorewall.net
Washington USA    \ [EMAIL PROTECTED]
PGP Public Key    \ https://lists.shorewall.net/teastep.pgp.key
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
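The reply's point that interface-based iptables rules only become Shorewall rules once zones are known, as an added example that is not part of the original thread or of Shorewall itself. The helper `to_shorewall` is hypothetical, and the topology (eth0 in zone `net`, eth1 in zone `loc`) is an assumption, since the thread never states it.

```python
import ipaddress
import shlex

# Assumed topology (not given in the thread): eth0 is the Internet-facing
# interface in zone "net", eth1 is the LAN interface in zone "loc".
ZONES = {"eth0": "net", "eth1": "loc"}


def to_shorewall(rule, zones):
    """Translate one 'iptables -A FORWARD -i IF [-s|-d NET] -j ACCEPT' line
    into Shorewall rules-file entries (ACTION SOURCE DEST)."""
    args = shlex.split(rule)
    opts = dict(zip(args[1::2], args[2::2]))  # {'-A': 'FORWARD', '-i': 'eth0', ...}
    if opts.get("-A") != "FORWARD" or opts.get("-j") != "ACCEPT":
        raise ValueError("only FORWARD ... -j ACCEPT rules are handled")
    iface = opts.get("-i")
    if iface not in zones:
        # The point made in the reply: an interface name means nothing to
        # Shorewall until the topology says which zone it belongs to.
        raise LookupError(f"no zone defined for interface {iface!r}")

    def suffix(flag):
        # iptables applies the mask, so 192.168.1.100/24 matches all of
        # 192.168.1.0/24; normalise so the Shorewall entry shows that.
        if flag not in opts:
            return ""
        return ":" + str(ipaddress.ip_network(opts[flag], strict=False))

    src_zone = zones[iface]
    # No -o in the original rules: traffic may leave towards any other zone.
    others = sorted(set(zones.values()) - {src_zone})
    return [f"ACCEPT {src_zone}{suffix('-s')} {z}{suffix('-d')}" for z in others]


if __name__ == "__main__":
    for line in (
        "iptables -A FORWARD -i eth0 -d 192.168.1.100/24 -j ACCEPT",
        "iptables -A FORWARD -i eth1 -s 192.168.1.100/24 -j ACCEPT",
    ):
        print("\n".join(to_shorewall(line, ZONES)))
```

The normalised output makes visible that the posted rules open the whole 192.168.1.0/24 network in both directions, not one server. If only the single server was intended, the address would be written without the /24 mask.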
