On þri, 2008-05-20 at 08:54 -0700, Tom Eastep wrote: > The advantage of this approach is that only TCP connections to port 80 > go > through the 'hiis' action chain. If you do it as Paul suggests, ALL > connection requests go through a series of 5 rules, each of which > tests for > tcp port 80 and a particular source network. That is more efficient, especially if there are many rules.
Thanks for showing me this possibility. -- Kindest Regards, Anna Jonna Ármannsdóttir, %& A: Because people read from top to bottom. Unix System Aministration, Computing Services, %& Q: Why is top posting bad? University of Iceland. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
