-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 06/06/2017 12:10 PM, Matt Darfeuille wrote:
> On 6/6/2017 10:36 AM, Jaryn Znosa wrote:
>> Hi guys, thanks for a such great piece of software. We are using
>> shorewall lite with variable for IP address (like &{myAddress})
>> and we need the same functionality for the destination port
>> column. What is the best way to achieve that?
>>
>
> You could define a variable in the params file and then use that
> variable in the rules file.
>
> EG:
>
> /etc/shorewall/params
>
> PORT=22,56-99
>
> /etc/shorewall/rules
>
> ACCEPT $FW net tcp $PORT
>
> You could apply that scheme to any columns.
>
Such variables, however, are expanded at compile time whereas address
variables are expanded at run-time. The distinction is expecially
important when using Shorewall[6]-lite. Unfortunately, Shorewall does
not currently support runtime port number variables.
Jaryn -- what is the use case for such variables?
Thanks,
- -Tom
- --
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't
http://shorewall.org \ understand
\_______________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJZNxa3AAoJEJbms/JCOk0QkwIP/24gtbfG7P95PruaJ4NIfYHp
yjiYST63h/Ewt0aQngjT7ohN9JTZLKI0TKhKL0XD3HbxTkFF87Z+PiX6T3/IEbyM
kShOJz47Y5UT4r+XOF4Nj1asSI2ZNM6Dze1+QIQnR3pfjaFRXEW4/2O5Qb7gRvwh
t+lyOcFBSh995lZUGQALexiulQrTO9d9V/0pl56MrMSTV5u2Mrgg6FBTJPLUMZAE
9QMq/qKFffZWdY+zseLHy4SXwoss7OrEfCdZy7Pnsqzfo4ksps51KkcqLG5kFBUz
SZTYRtaneeIScLRC2hG6rJ/aQ1bf4i1bnCV59acY5b8ycrvZ0qx+pkNrYFukMny9
8qwqwH1kw6iFxeZwcVDfZVFNm1fFFsYOiYf/EGvA6tqj2Yg8tibZp7flOUJQLkgI
kKVK0LK7COpMdaZafjvZkqdXqxWl6+NA9ECpvIpgq//BaZaHM7hQbyS8JD1wJ1mu
zABb0X6KbfW95BtIqGSCOtV6d4bf2CU93XP/xwIAEQr7BpFeiJrVffyQdRhNuicr
jmZFMSaGe+775Rymh4TQAtTsWh4fYlMHAxx9SiPHVE9hAHx6Wz5TCjzJLNwQMp7k
74kVmqz17EMVTeqr9rgAWQL3x+Fi1hS5GYRzRsb4ZL7sTiqTse9h7FpCj4VXYyz+
VYVS+gfUZaYFHZsAuQJV
=tm2k
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
