Rhon wrote: > Hi Tom, > > Thanks for your reply. Here's some of the details of my firewall > > /etc/shorewall/interfaces > #ZONE INTERFACE BROADCAST OPTIONS > net eth0 detect > net eth1 detect > ... > /etc/shorewall/policy > #SOURCE DEST POLICY LOG LIMIT:BURST > # LEVEL > ... > net all DROP info > ... > I want to allow one host to have direct connection to the Internet. How > can I possibly do this?
Based on what you've described, your firewall should already be allowing this traffic, since eth0 & eth1 are in the same zone (net). If i remember correctly there's no restriction on intra-zone traffic, no matter what the policies are. Paul ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
