1 |
> > I don't know, now that I've set up shorewall on my router it seems |
2 |
> > like a simple matter to set it up on another machine. I should only |
3 |
> > need to edit a few config files with very light additions. |
4 |
> > |
5 |
> > - Grant |
6 |
> |
7 |
> Understand - to be honest I have moved to shorewall on almost all my |
8 |
> machines for uniformity, even though its rather more complex than |
9 |
> needed. |
10 |
> |
11 |
> |
12 |
> BillK |
13 |
|
14 |
How does this /etc/shorewall/rules look for my router? |
15 |
|
16 |
DNS/ACCEPT $FW net |
17 |
Ping/REJECT net $FW |
18 |
DNAT net loc:192.168.0.3 tcp 50000 |
19 |
DNAT net loc:192.168.0.3 udp 50000 |
20 |
ACCEPT $FW loc icmp |
21 |
ACCEPT $FW net icmp |
22 |
|
23 |
Does this reject ssh requests from the net zone or do I need to |
24 |
specify that? It looks like maybe there is another set of basic |
25 |
ACCEPT/REJECT configs that this is modifying. Does anyone know which |
26 |
file that might reside in? If this looks good I'll set up something |
27 |
similar on the laptop. |
28 |
|
29 |
- Grant |
30 |
-- |
31 |
gentoo-user@g.o mailing list |