[Shorewall-newbies] SOURCE in rules

Francesca C Smith fsmith at ladylinux.com
Mon Dec 8 15:06:53 PST 2003


Hello,



> But I want to force MAC verification only for connections to certain
> ports, not for all connections from the net zone to the fw zone. That
> is
> why the natural place for this directive would appear to be the rules
> file. If this is not possible, maybe a possible solution would be to
> define a special zone including the computers  which should be subject
> to MAC verification; since this special zone and net would both
> correspond to eth0, they had to be defined in the hosts file; the
> problem is: how can I define the net zone, which corresponds to all
> NICs except the ones corresponding to the special zone?


Thats what the idea behind Whitelisting .. 

http://www.shorewall.net/whitelisting_under_shorewall.htm

Francesca





More information about the Shorewall-newbies mailing list