Re: [Shorewall-users] ACL Support?

Mon, 26 Nov 2012 11:20:06 -0800 

Thanks Tom--that's exactly what I'm looking for.

-A


On Mon, Nov 26, 2012 at 11:05 AM, Tom Eastep <[email protected]> wrote:

> On 11/26/2012 10:23 AM, Aaron C. de Bruyn wrote:
> > Is there an easier way to do ACLs in Shorewall?
> > I am currently writing out lots of lines in the rules file that differ
> > only by an IP address.
> >
> > Instead of writing rules like:
> > SSH(ACCEPT)    wan:some.ip.addr     dmz    tcp   22
> > SSH(ACCEPT)    wan:ano.ther.ip.addr     dmz    tcp   22
> > SSH(ACCEPT)    wan:home.ip.addr     dmz    tcp   22
> >
> > Can I do something like:
> > #/etc/shorewall/acls
> > trusted    some.ip.addr
> > trusted    ano.ther.ip.addr
> > trusted    home.ip.addr
> >
> > #/etc/shorewall/rules
> > SSH(ACCEPT)   wan:trusted  dmz tcp 22
> >
> > Am I missing something in the docs?
>
> ipsets?
>
> -Tom
> --
> Tom Eastep        \ When I die, I want to go like my Grandfather who
> Shoreline,         \ died peacefully in his sleep. Not screaming like
> Washington, USA     \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
> ------------------------------------------------------------------------------
> Monitor your physical, virtual and cloud infrastructure from a single
> web console. Get in-depth insight into apps, servers, databases, vmware,
> SAP, cloud infrastructure, etc. Download 30-day Free Trial.
> Pricing starts from $795 for 25 servers or applications!
> http://p.sf.net/sfu/zoho_dev2dev_nov
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>

------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to