On Mon, 2008-09-08 at 14:57 -0700, Tom Eastep wrote: > Define the rules in terms of dynamic zones (preferably defined using ipsets > rather than the deprecated DYNAMIC_ZONES=Yes), then simply add an address to > the appropriate set when the client logs on and remove it from the set when > the client logs off.
I did take a peek at dynamic zones. Just to be sure I understand completely, if every one of my peers had different rulesets, I'd need a dynamic zone for each peer, yes? Are there any scaling issues associated with having a lot of dynamic zones? b.
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
