[Shorewall-users] New Actions

Paulo Kappke paulo.kappke at cyclades.com
Mon Dec 1 16:44:28 PST 2003

Tom, for instance, I have in my old firewall script:

# Chain with disallowed ports:
iptables -N DENYVALID
iptables -A DENYVALID -p tcp --dport 5050 -j DENYRULES # YAHOO MESSENGER
iptables -A DENYVALID -p tcp --dport 1863 -j DENYRULES #   MSN MESSENGER

# Chain to log the disallowed ports:
iptables -N DENYRULES
iptables -A DENYRULES -j LOG --log-prefix "IPT DENYRULES: " $LOGOPT

# Rule calling the Chain to log the disallowed ports

Did you understand it ?

How do I do this in Shorewall ?

Paulo K

Tom Eastep wrote:

> On Mon, 2003-12-01 at 15:50, Paulo Kappke wrote:
>>Hi, I have installed Shorewall with Webmin and they work very well.
>>I have a question: can I create chains and point actions to these chains ??
>>Let me explain:
>>I have chains that I created for log/drop and/or log/accept those I am 
>>using in one or more chains pointed as actions.
>>Is there any chance to do something similar in Shorewall ??
> What exactly are you trying to accomplish?
> -Tom

Paulo Roberto Kappke
IT Manager
Cyclades Corporation
paulo.kappke at cyclades.com
Phone: +1 (510) 771-6241
Fax:   +1 (510) 771-6200
Everywhere with Linux

More information about the Shorewall-users mailing list