Linux Advocate wrote: > Guys, > > i know i saw this somewhere but i cant seem to locate that info now... > > Scenario: > ............... > > I have a simple two interface firewall. The firewall machine also provides > some services to the LAN and to the NET. > What i would like to do is allow only a particular range of IPs frm the > internet to access those services. > > What do i need to do with my 'rules' file. Ideally i should be able to add ip > , remove ip as required. > > Can i make a file called 'Authorized_IP.txt' and use that?
No. But in /etc/shorewall/params, you can add:
Authorized=<ip1>,<ip2>,...,<ipn>
And in /etc/shorewall/rules:
ACCEPT net:$Authorized ...
See http://www.shorewall.net/configuration_file_basics.htm#Variables
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
