Isn't the following redundant:

net            $FW             DROP            info
net            loc             DROP            info
net            all             DROP            info


in that the last rule (net all) will DROP everything and therefore the 
only additional input for this interaction would be under rules.

similarly

loc   net  ACCEPT
loc   $FW  REJECT
loc   all  REJECT

doesn't require the "loc  $FW  REJECT" line for the same reasons.

True?

Another question:
I initially tried setting up my interfaces such that:

net   eth1  detect  dhcp...
loc   eth0  detect  dhcp...

but no DHCP entry in rules.  I got a lot of blocked UDP port 53 traffic.
Where does the dhcp option come in (with the manpage instruction to 
include this) and how does that fit in with the DHCP rule?  Do they both 
need to be present?  Redundant?  Or is there something else in the 
background?
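
The policy lines quoted in the post can be checked for redundancy mechanically; the following is an added example, not part of the original post and not Shorewall code. It assumes the lookup described in the shorewall-policy manpage (entries are processed in order, the first match wins, and "all" matches any source or destination), it ignores intra-zone traffic, and the zone "dmz" is constructed so that the catch-all lines have a pair only they cover.

```python
def parse_policy(text):
    """Parse policy lines of the form: SOURCE DEST POLICY [LOGLEVEL]."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        if len(fields) < 3:
            raise ValueError(f"need SOURCE DEST POLICY: {raw!r}")
        entries.append((fields[0], fields[1], fields[2],
                        fields[3] if len(fields) > 3 else None))
    return entries

def effective(entries, zones):
    """Map each (src, dst) zone pair to the first matching (policy, loglevel)."""
    table = {}
    for s in zones:
        for d in zones:
            if s == d:
                continue  # intra-zone traffic is left out of this model
            table[(s, d)] = next(
                ((pol, lvl) for src, dst, pol, lvl in entries
                 if src in (s, "all") and dst in (d, "all")), None)
    return table

def redundant(entries, zones):
    """Entries whose removal leaves every pair's policy and log level unchanged."""
    base = effective(entries, zones)
    return [" ".join(f for f in e if f) for i, e in enumerate(entries)
            if effective(entries[:i] + entries[i + 1:], zones) == base]

# The two policy fragments from the post, combined into one file.
POLICY = """\
net   $FW   DROP    info
net   loc   DROP    info
net   all   DROP    info
loc   net   ACCEPT
loc   $FW   REJECT
loc   all   REJECT
"""
ZONES = ["$FW", "net", "loc", "dmz"]  # "dmz" is a constructed extra zone

if __name__ == "__main__":
    for line in redundant(parse_policy(POLICY), ZONES):
        print("redundant:", line)
```

A specific line only counts as redundant here when both its policy and its log level equal what the later catch-all would give; a "net $FW DROP" line without "info" would not be flagged.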
