> On Friday 20 March 2009 15:56:43 List Receiver wrote: > > No, there is no 4,5,6...this is happening on the same connection. > The PDA > > gets a private IP from the cell provider, and they NAT outbound > traffic > > from a pool of public IP's. I have no control over their NAT, so I > can't > > dictate which of the public IP's in the pool each of my connections > comes > > from. > > Ok sorry for misunderstanding. So, given Tom's answer probably the > quickest > solution is to accept only ssh connections from that range on a non > standard > port enabling keys as well. >
No problem. Unfortunately, I'm not aware of knowing all of the public IP ranges that T-mobile might shove them into, so that's going to be difficult. I wonder if I could somehow create a custom action that would see/intercept the IP from the recent match, but create a rule with /24 as the subnet rather than the default /32? ------------------------------------------------------------------------------ Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
