[Shorewall-users] Quick Start Guide
Wed, 10 Apr 2002 14:21:01 +0100
On Tue, 9 Apr 2002 17:20:47 -0700 (Pacific Daylight Time)
Tom Eastep <firstname.lastname@example.org> wrote:
> Version 1.0 of the Quick Start Guide and accompanying sample
> configurations is available at:
> Comments and suggestions are most welcome.
Impressively quickly done.
I have a few idiot questions that arise:
I wasn't clear about the zones in a standalone system. The document
implies that you just have "net", but shouldn't there be a zone for the
machine too, i.e. for 127.0.0.1? I thought there ought to be a rule that
permits everything that doesn't go outside the machine, otherwise you may
not be able to print, which I can't with the default setup, (using CUPS).
Also, I assume my CM is outside the fw and is thus part of the net zone,
but I wasn't clear how to define a rule that allowed me to get my browser
to connect to it's IP (192.168.100.1) to read the status info, given the
norfc1918 option. I tried
ACCEPT net:192.168.100.1 fw tcp 80
but that didn't work
FYI one tiny typo in ZONE line of interfaces: "Much match" "Must match" ?
Political Science Resources http://www.psr.keele.ac.uk/
UK-Euro FAQ http://www.psr.keele.ac.uk/docs/efaq.htm