On 10/04/2012 02:49 PM, I.S.C. William wrote: > > > Yes but .. what's this attempt, because I worked in another shorewall > and in this no, what I want is ... > > Allow entire LAN to browse secure sites (https), but .. Reject the > output of the entire network LAN segments to public IP (NET_LIST) on the > internet and only have access to these segments MAC addresses are > listed, MAC_LIST. > > I hope I explained better .. thanks ..
REJECT loc:!$MAC_List net:$NET_LIST ACCEPT loc net tcp 443 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
