On 23/05/2012 20:50, Lee Brown wrote: > Oh, I hadn't realized that, thank you. Shorewall is only used to > configure iptables, I modify chains directly after that as my > shorewall restart cycle is rather slow (rules/zones need serious > cleaning up.) > Once I identify the chain that implements the maclist, I can > add/remove rules from that to implement what I need. >
Implement your blacklist using a rule and an ipset. Then you can just externally adjust the ipset pretty much instantly. Note dnsmasq also has the option to run a script on allocation of a new lease - additionally it's lease file is easily accessible Good luck Ed W ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
