Thanks Tom, I am going to try the following rules:
NFQUEUE(0) net $FW tcp - 80,443 NFQUEUE(0) $FW net tcp - 80,443 ... and will report back. The server uses the only ethernet interface we have. And that interface is assigned to the 'net' zone. Is this what you mean? -----Original Message----- From: Tom Eastep Sent: Monday, May 18, 2015 9:25 AM To: [email protected] Subject: Re: [Shorewall-users] Shorewall with Suricata in IPS mode ------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
