I'm trying to divide my local network into sections, I have defined the
following "sub-subnets" :
kids eth0:192.168.2.192/26
voks eth0:192.168.2.128/26
stat eth0:192.168.2.127/25
With some dhcp rules, I assign different addresses to the kidds computers,
than to the other computers.
What I wanted is that the kidds doesn't have access to SSH on the firewall,
only computers in the voks zone.
I have tried to make the following rule :
SSH/ACCEPT voks $FW
But that just shuts down access to SSH on the server, the normal rule :
SSH/ACCEPT loc $FW
works ok, and I can connect to the firewall using ssh (but also from the
kids "network"
I know that it is rather easy to circumvent my lockups, but I don't expect
the kidds to know how to change the IP address of their computer yet (they
are 10 and 8 years, which should give me a couple of years before they
figure something out :))
Also It is just for my own "fun" and learning that I want to set it up
Regards
Thomas
------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
