[Shorewall-users] AD-Filter?

Tom Eastep teastep@shorewall.net
Sat, 12 Jan 2002 13:09:53 -0800


On Saturday 12 January 2002 01:06 pm, spiridon wrote:
> That would be great!
>

I'm actually going to do it somewhat differently to make it more efficien=
t.

a) There will be a /etc/shorewall/filter file -- format similar to blackl=
ist=20
file.

b) In the /etc/shorewall/rules, there will be a new FILTER target. When a=
=20
connection requests matches a FILTER rule, the destination IP address is=20
checked against the /etc/shorewall/filter file:

   - If there is a match, the connection request is REJECTed
   - If there is no match, the connection request is ACCEPTed

-Tom
--=20
Tom Eastep    \ A Firewall for Linux 2.4.*
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net
-------------------------------------------