Hi! I have these rules in my shorewall-rules:
> # Allow ping to the callserver > Ping(ACCEPT) all fw > # Allow SSH to the callserver > ACCEPT all fw tcp 1337 > # Allow SIP traffic to the callserver from the internet > ACCEPT net fw udp 5060 > ACCEPT net fw tcp 5060 > ACCEPT net fw tcp 5061 I never used SECTIONS on any shorewall setups and started to read related docs. Should I use any SECTIONS? I tried setting the above under ALL which allowed the access but my "net -> fw DROP" policy had precedence over conntracking (for example ICMP or HTTP) on aswer packages. Seems like I do it wrong... ;-) Kind regards Kevin
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
