Hi,

On 16.06.10 11:55, Derek Lewis wrote:
> Here are my current shorewall policies and rules. I intended to allow
> traffic through to the firewall explicitly via ip address and port #
> though I think my rules are flawed. I can still ping an external
> address which I thought required port 80 to open and an ACCEPT action
> for the address in question.

If you like to handle and control all traffic by rules, then you should
not allow anything by default/policy ...

ping is not using port 80 (with udp or tcp) ... it is using icmp.

http://en.wikipedia.org/wiki/Ping and
http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol

From which host do you try to ping which host?

<...>

/Götz

--
Götz Reinicke
IT Coordinator

Tel. +49 7141 969 420
Fax +49 7141 969 55 420
E-Mail [email protected]

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Registered at Amtsgericht Stuttgart, HRB 205016
Chair of the Supervisory Board: Prof. Dr. Claudia Hübner
Managing Director: Prof. Thomas Schadt
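
Added example, not part of the original message or of Shorewall itself: a simplified Python model of the decision order discussed above (rules first, then the first matching policy line), showing why ping gets through under an ACCEPT policy even when the only rule is for tcp/80. The zone names loc and net and all file contents are constructed, and the model only handles zone-level rules.

```python
# Simplified model: Shorewall checks the rules file first; if no rule matches,
# the first matching line of the policy file decides. All data is constructed.

def _rows(text):
    """Yield whitespace-split columns, skipping blank lines and # comments."""
    for line in text.splitlines():
        cols = line.split("#", 1)[0].split()
        if cols:
            yield cols

def _zone_match(pattern, zone):
    return pattern in ("all", zone)

def verdict(policy, rules, src, dst, proto, port):
    """Return the action for a new connection src->dst with proto/port.
    For icmp, 'port' is the ICMP type (8 = echo-request, i.e. ping)."""
    for cols in _rows(rules):
        action, r_src, r_dst = cols[:3]
        r_proto = cols[3] if len(cols) > 3 else "all"
        r_port = cols[4] if len(cols) > 4 else "-"
        if (_zone_match(r_src, src) and _zone_match(r_dst, dst)
                and r_proto in ("all", proto) and r_port in ("-", str(port))):
            return action
    for p_src, p_dst, action, *_ in _rows(policy):
        if _zone_match(p_src, src) and _zone_match(p_dst, dst):
            return action
    raise LookupError("no policy matched; a real policy file ends with all all")

# Constructed policy files: SOURCE DEST POLICY [LOG LEVEL]
WEAK_POLICY = """
loc  net  ACCEPT          # everything outbound allowed by default
net  all  DROP    info
all  all  REJECT  info
"""
STRICT_POLICY = WEAK_POLICY.replace("loc  net  ACCEPT", "loc  net  DROP  ")

# Constructed rules files: ACTION SOURCE DEST PROTO DEST-PORT
RULES = "ACCEPT  loc  net  tcp   80\n"
RULES_WITH_PING = RULES + "ACCEPT  loc  net  icmp  8\n"

if __name__ == "__main__":
    for name, pol, rul in [("weak policy", WEAK_POLICY, RULES),
                           ("strict policy", STRICT_POLICY, RULES),
                           ("strict + icmp rule", STRICT_POLICY, RULES_WITH_PING)]:
        print(name, "-> ping:", verdict(pol, rul, "loc", "net", "icmp", 8),
              "| http:", verdict(pol, rul, "loc", "net", "tcp", 80))
```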
