[Shorewall-newbies] SOURCE in rules
Francesca C Smith
fsmith at ladylinux.com
Mon Dec 8 15:06:53 PST 2003
> But I want to force MAC verification only for connections to certain
> ports, not for all connections from the net zone to the fw zone. That
> why the natural place for this directive would appear to be the rules
> file. If this is not possible, maybe a possible solution would be to
> define a special zone including the computers which should be subject
> to MAC verification; since this special zone and net would both
> correspond to eth0, they had to be defined in the hosts file; the
> problem is: how can I define the net zone, which corresponds to all
> NICs except the ones corresponding to the special zone?
Thats what the idea behind Whitelisting ..
More information about the Shorewall-newbies