On 7/16/10 1:24 AM, Scott Ryan wrote: > I have traffic that comes in one interface and then goes out the same > interface and I would like to add a rule to log some connections: > > ACCEPT:info all ent:192.9.207.100,192.9.208.15 all - > > So the idea is to log anything that comes in through any zone and out > to 2 particular addresses in the ent zone. > The logging works only for traffic that comes from any zone other than > the ent zone. > > The the ent zone is on a routeback interface and there are multiple > networks behind it. > > Is this normal behaviour?
Yes. 'man shorewall-rules' and read about the various forms of 'all'. In your case, you want 'all+'. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
