On 10/14/10 2:59 PM, mike lan wrote: > > > On Sat, Oct 9, 2010 at 8:02 PM, Christ Schlacta <aarc...@gmail.com > <mailto:aarc...@gmail.com>> wrote: > > sounds pretty simple, your policy file should only have > all all drop > and your rules should have something like > ACCEPT src dest tcp 8080 > > replace src and dest with the appropriate src and dest, or use > 0.0.0.0/0 <http://0.0.0.0/0> to let anything from or to anywhere on > port 8080 pass. > > anything else should be trivial if you follow the howtos. > > > > what are the appropiate src and dest ? > I've put $FW as src > but what do i need to put as "dest" , I've assigned it the ip adress on > the lan > > and I got on "shorewall start" > ERROR: Missing destination zone : /etc/shorewall/rules (line 19)
Please start by following the standalone Quickstart Guide (http://www.shorewall.net/standalone.htm). That will give you a working firewall that allows all outgoing connections. It has two zones: 1. $FW = fw 2. net You are welcome to try to modify the configuration that you will get from that HOWTO to do what you want. a) Add a REJECT policy for fw->net b) Add all necessary fw->net ACCEPT rules for the outgoing traffic that you want to allow. Don't forget: 1. DNS 2. Distribution Updates -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Download new Adobe(R) Flash(R) Builder(TM) 4 The new Adobe(R) Flex(R) 4 and Flash(R) Builder(TM) 4 (formerly Flex(R) Builder(TM)) enable the development of rich applications that run across multiple browsers and platforms. Download your free trials today! http://p.sf.net/sfu/adobe-dev2dev
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
