[Shorewall-newbies] SOURCE in rules
jalmeida at math.ist.utl.pt
Mon Dec 8 16:08:23 PST 2003
I could use some help with the syntax for source restricting in
Suppose that the variables SOME_IP and SOME_MAC are set in
/etc/shorewall/params (where SOME_IP is an IP number and SOME_MAC is a
hardware address in the shorewall format). What would the following line in
ACCEPT net:$SOME_IP,$SOME_MAC fw tcp 22
I'm assuming that a tcp connection to port 22 would be accepted if
it came from the $SOME_IP IP *OR* from the $SOME_MAC hardware address.
Am I right?
Now, suppose that I want to accept connections from a unique NIC,
identified by both its IP number *AND* its hardware address, for good
measure (call me paranoid). If $SOME_IP and $SOME_MAC correspond to the
same NIC, would the following line do the job?
ACCEPT net:$SOME_IP:$SOME_MAC fw tcp 22
(All this refers to a standalone machine setup with standard