If you are needing to adjust lists of IP's frequently then I'd suggest either using the shorewall dynamic features though not familiar with those so can't offer much advise or alternatively do you have ipset match in your kernel? You can easily edit your list on the fly then whenever you want to.
On 28/02/13 02:40, Wilson A. Galafassi Jr. wrote: > and i have the need to some hosts in the internal network to be whitelisted > and doesn't be affected by the blacklist. If I use dynamic blacklist the > whitelist function works in the same way? > > -----Mensagem original----- > De: Tom Eastep [mailto:[email protected]] > Enviada em: quarta-feira, 27 de fevereiro de 2013 21:46 > Para: Shorewall Users > Assunto: Re: [Shorewall-users] RES: RES: blacklist and whitelist > > On 2/27/13 4:35 PM, "Benny Pedersen" <[email protected]> wrote: > >> Wilson A. Galafassi Jr. skrev den 2013-02-28 01:09: >>> If i use shorewall restar the blocking works fine, but If I use >>> shorewall refresh doesn't but the rule appear using iptables -L >> yes as you see a restart is needed to reconfigure iptables rules, if >> you want to have dynamic blacklist then use shorewall allow <ip> or >> shorewall drop <ip> both have log variants, but it will help me if you >> show why you need to reload/restart firewall > By default, 'refresh' reloads all blacklist chains. But if new chains are > added, 'refresh' won't create jumps to those chains; that requires > 'restart'. > > -Tom > You do not need a parachute to skydive. You only need a parachute to skydive > twice. > > > > > > ---------------------------------------------------------------------------- > -- > Everyone hates slow websites. So do we. > Make your web apps faster with AppDynamics Download AppDynamics Lite for > free today: > http://p.sf.net/sfu/appdyn_d2d_feb > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > > > ------------------------------------------------------------------------------ > Everyone hates slow websites. So do we. > Make your web apps faster with AppDynamics > Download AppDynamics Lite for free today: > http://p.sf.net/sfu/appdyn_d2d_feb > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
