Grant wrote:
> I'm trying to REJECT all traffic from the net to my system with 2
> exceptions. I'd like to DROP traffic coming into port 99 and ACCEPT
> traffic coming into port 99 if it comes from a certain IP address.
>
> policy:
> net all REJECT info
>
> rules:
> DROP net $FW tcp 99
> DROP net $FW udp 99
> ACCEPT net:1.2.3.4 $FW tcp 99
> ACCEPT net:1.2.3.4 $FW udp 99
>
> This ends up dropping all traffic to port 99 regardless of originating
> IP address. Can I do what I described?

Put the rules in the order in which you want them applied.
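
Added example, not part of the original thread and not Shorewall's own code: a simplified first-match model in Python showing why the posted order drops traffic from 1.2.3.4 while the reordered rules accept it. Assumptions: only the five columns used in the thread are parsed, hosts are matched by exact string, and 5.6.7.8 is a constructed address.

```python
# Simplified first-match model of a Shorewall rules file (added example).
# Only the columns used in the thread are handled: ACTION SOURCE DEST PROTO DPORT.

POLICY = "REJECT"  # from the thread's policy line: net all REJECT info

AS_POSTED = """\
DROP    net          $FW  tcp  99
DROP    net          $FW  udp  99
ACCEPT  net:1.2.3.4  $FW  tcp  99
ACCEPT  net:1.2.3.4  $FW  udp  99
"""

REORDERED = """\
ACCEPT  net:1.2.3.4  $FW  tcp  99
ACCEPT  net:1.2.3.4  $FW  udp  99
DROP    net          $FW  tcp  99
DROP    net          $FW  udp  99
"""


def parse(text):
    """Turn rule lines into (action, zone, host_or_None, proto, port) tuples."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # ignore comments and blank lines
        if not line:
            continue
        action, source, _dest, proto, port = line.split()
        zone, _, host = source.partition(":")  # "net:1.2.3.4" -> zone, host
        rules.append((action, zone, host or None, proto, int(port)))
    return rules


def verdict(rules, zone, src_ip, proto, port):
    """Return the action of the first matching rule, else the zone policy."""
    for action, r_zone, r_host, r_proto, r_port in rules:
        if (r_zone == zone and r_proto == proto and r_port == port
                and r_host in (None, src_ip)):  # None means any host in the zone
            return action
    return POLICY


if __name__ == "__main__":
    for name, text in (("as posted", AS_POSTED), ("reordered", REORDERED)):
        rules = parse(text)
        for ip in ("1.2.3.4", "5.6.7.8"):  # 5.6.7.8 is a constructed address
            print(name, ip, verdict(rules, "net", ip, "tcp", 99))
```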
