Re: [Shorewall-users] Google Ipset

Bertrand Friconneau Fri, 05 Apr 2019 04:04:12 -0700

Thanks for the help.

Unfortunately, it's not already working :


Here is the new configuration of "/etc/shorewall/policy"

#SOURCE         DEST            POLICY          LOG LEVEL LIMIT:BURST
fw                     all                ACCEPT
fw                     gm4il           ACCEPT
all                     all                REJECT         debug


But there is an error message :

ERROR: Policy "fw gm4il ACCEPT" duplicates earlier policy "fw gm4ilACCEPT" /etc/shorewall/policy (line 3



I tried others :
fw                     gm4il:net           ACCEPT

fw                     +gm4il           ACCEPT

fw                     all:gm4il           ACCEPT


But the messages are : unknown zone or empty zone



Le 02/04/2019 à 16:46, Tom Eastep a écrit :

On 4/1/19 11:14 PM, Bertrand Friconneau wrote:

Here is the file "/etc/shorewall/policy"

#SOURCE         DEST            POLICY          LOG LEVEL       LIMIT:BURST
fw              all             ACCEPT
all             all             REJECT         debug

So, connections from the firewall are accepted to all zones but all
other connections are denied. So the firewall itself should be able to
access the gm4il zone and that is all (unless you add specific rules).

-Tom



_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Re: [Shorewall-users] Google Ipset

Reply via email to