Sent from my iPad
On Apr 22, 2012, at 10:05 AM, Ed W <[email protected]> wrote: > On 22/04/2012 17:22, Tom Eastep wrote: >> Reject traffic going out of an interface if it doesn't have the correct >> mark. > > Seems too obvious... > > I'm just trying now. I really want to write this: > > DROP:info any !net:eth0 - - > - - - - 0x10000/0xF0000 > > But I can't negate a destination right? Invert the test! Tom ------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
