[Shorewall-newbies] A few shorewall questions

David Shepherd sdave at ufl.edu
Sun Feb 22 11:40:34 PST 2004


What is the ethN_mac chain?  What file is that or how do I go about
doing that?  I'm going to do some searching on your website for it but
if you could point me in the right direction that would be great.  I am
very new to this and I appreciate your quick responses.

Dave

-----Original Message-----
From: Tom Eastep [mailto:teastep at shorewall.net] 
Sent: Sunday, February 22, 2004 2:31 PM
To: David Shepherd
Cc: shorewall-newbies at lists.shorewall.net
Subject: RE: [Shorewall-newbies] A few shorewall questions

On Sun, 22 Feb 2004, David Shepherd wrote:

> Okay, I will probably just have something that automatically restarts
> shorewall every 24 hours so that maclist will get updated every night.
> Maybe at like 5 am in the morning when our usage is low.  So at least
it
> is possible to have the maclist only allow the macs on its list.
>
> > When you said this:
> > Note though that there is nothing preventing your script from
> inserting a > rule into the chain ethN_mac where ethN is the internal
> interface used for > internet access.
>
> Do you mean instead of using the maclist, should I just insert rules
for
> these mac addresses to allow them to access the net?
>

No, I mean add the MAC to the maclist file (so that it will be there if
you need to restart Shorewall) AND add the rule to the ethN_mac chain
(so
that the person can immediately access the net).

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net



More information about the Shorewall-newbies mailing list