On 10/26/10 8:11 AM, Harry Lachanas wrote: > Only because my client doesn't have a static IP address and i don t want >>> to open ports for everybody ... >>> Am i wrong to try that ? >> Yes. Why don't you match on MAC address instead? >> >> -Tom >> > I suppose that you want to open ports from the net side of your fw.
I was assuming that the ports were to be opened from the LAN side of the fw. For the net side, Harry's approach is the correct one unless all of the 'clients' are on the same LAN as the 'net' fw interface. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Nokia and AT&T present the 2010 Calling All Innovators-North America contest Create new apps & games for the Nokia N8 for consumers in U.S. and Canada $10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store http://p.sf.net/sfu/nokia-dev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
