-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/16/2009 06:18 PM, kurniadi wrote: > Hi all, > > > I Try use shorewall rules with time element but its never works, the > rules look like this > > HTTPS(REJECT) loc > net:69.63.181.11,69.63.181.12,69.63.184.142,69.63.187.17,69.63.187.19 > localtz×tart=20:00×top=20:10&weekdays=Mon,Tue,Wed,Thu,Fri > > This rules for block https access to facebook site at working hours & > day My system is Debian lenny, shorewall 4.4.4.2 kernel > 2.6.30-bpo.2-amd64, the kernel module for time element already > support. >
Shorewall is not the proper tool for trying to limit traffic to a particular domain. You will never be able to keep up with the list of IP addresses used by facebook. See Shorewall FAQ 39 for more information. > proxycbb:/etc/shorewall# grep MATCH_TIME > /boot/config-2.6.30-bpo.2-amd64 CONFIG_NETFILTER_XT_MATCH_TIME=m > > And one thing /var/log/shorewall-init.log always empty, why ? Because no process is writing to it. What configuration options have you selected that makes you believe that the file should contain messages? - -Tom - -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAkspmbQACgkQO/MAbZfjDLJGJACglbB9oUuYFCzscWn4HOpHgKP7 DIsAoMqCXVYaToXCKHXQotiMuiXwofJw =EQ1j -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
