[Shorewall-users] Naive newbie question about trusted IP addresses

Paul Gear paulgear@bigfoot.com
Tue, 09 Apr 2002 05:22:58 +1000

Richard Kimber wrote:

> I've just installed shorewall (I used the single user setup) on Mandrake
> 8.1.  I see there is a blacklist file, but how do I handle the opposite?
> I.e. where do I list the IP addresses of trusted hosts that I should let
> through regardless?

There's no exact opposite to blacklist.  What you need to do is set up a
zone that permits the traffic you want.  Use the zones/hosts/interfaces
files to create your zone, then create an allow policy in the policy file.

Alternatively, if your list of hosts is small and fixed, and they are a
part of a (much larger) zone, it may be more practical just to throw in a
couple of allow rules in your rules file.  See the examples there and in
the documentation for details.