Hello there,

I'd like to understand something. Today I tried to blacklist one single IP via the /etc/shorewall/blacklist file (+ blacklist option activated on my "net" interfaces + shorewall restarted). I couldn't block the traffic through my gateway (= my shorewall).

I saw with iptables a new chain "blacklst", containing one DROP rule with the IP I tried to block. The byte counter didn't increase, but the byte counter for the blacklst chain did. The traffic (from net -> dmz) was still going on.

So I decided to insert (not append) a DROP rule directly with iptables (in the INPUT chain); still not working. Then I decided to insert the same in the FORWARD chain, and the traffic stopped, which I can understand because it was some traffic "through" the FW.

==> Question: what does the blacklist option do / not do? Not adding in FORWARD? Not adding everywhere, let's say? Have I done something wrong?

Thank you,
JM.

(running Debian "stable", shorewall 3.2.6-2, linux 2.6.17.8 smp i686)
