| 1 |
> > I don't know, now that I've set up shorewall on my router it seems |
| 2 |
> > like a simple matter to set it up on another machine. I should only |
| 3 |
> > need to edit a few config files with very light additions. |
| 4 |
> > |
| 5 |
> > - Grant |
| 6 |
> |
| 7 |
> Understand - to be honest I have moved to shorewall on almost all my |
| 8 |
> machines for uniformity, even though its rather more complex than |
| 9 |
> needed. |
| 10 |
> |
| 11 |
> |
| 12 |
> BillK |
| 13 |
|
| 14 |
How does this /etc/shorewall/rules look for my router? |
| 15 |
|
| 16 |
DNS/ACCEPT $FW net |
| 17 |
Ping/REJECT net $FW |
| 18 |
DNAT net loc:192.168.0.3 tcp 50000 |
| 19 |
DNAT net loc:192.168.0.3 udp 50000 |
| 20 |
ACCEPT $FW loc icmp |
| 21 |
ACCEPT $FW net icmp |
| 22 |
|
| 23 |
Does this reject ssh requests from the net zone or do I need to |
| 24 |
specify that? It looks like maybe there is another set of basic |
| 25 |
ACCEPT/REJECT configs that this is modifying. Does anyone know which |
| 26 |
file that might reside in? If this looks good I'll set up something |
| 27 |
similar on the laptop. |
| 28 |
|
| 29 |
- Grant |
| 30 |
-- |
| 31 |
gentoo-user@g.o mailing list |
Archives