On 3/4/13 7:21 PM, "Guilsson Guilsson" <[email protected]> wrote:
> I understand the order is important on file /etc/shorewall/policy.
> But,if I create all possible combinations for the defined zones:
> # for a in fw loc dmz net; do for b in fw loc dmz net; do echo $a $b REJECT
> info; done; done
> and ending the above list with "all all DROP info"
> is the order still important ?
No. But in general you don't want REJECT for the policy from a zone to
itself. And if you do not, then you can accomplish the same thing with:
/etc/shorewall/shorewall.conf
EXPAND_POLICIES=Yes
/etc/shorewall/policy
all all REJECT info
-Tom
You do not need a parachute to skydive. You only need a parachute to skydive
twice.
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_feb
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
