Re: [Shorewall-devel] zone-dependent blacklist/whitelist

From: Mr Dash Four <mr.dash.four_at_nospam>
Date: Fri Sep 30 2011 - 19:46:08 GMT
To: shorewall-devel@lists.sourceforge.net

>> Are you thinking of dumping the blacklst and blackout chains in the
>> INPUT, OUTPUT and FORWARD chains, filtering out just the interface?
>>
>
> No: I'm merely suggesting that the first column could be of the form
> <interface>:<network list>. The <interface> would be the source
> interface in 'src' entries and the destination interface in 'dst'
> entries.
>
Where are you going to place these statements - in the same
blacklst/blackout chains shared among all zones or somewhere else? If
so, where?

------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2dcopy2
_______________________________________________
Shorewall-devel mailing list
Shorewall-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-devel

This message: [ Message body ]
Next message: Tom Eastep: "Re: [Shorewall-devel] zone-dependent blacklist/whitelist"
Previous message: Tom Eastep: "Re: [Shorewall-devel] zone-dependent blacklist/whitelist"
In reply to: Tom Eastep: "Re: [Shorewall-devel] zone-dependent blacklist/whitelist"
Next in thread: Tom Eastep: "Re: [Shorewall-devel] zone-dependent blacklist/whitelist"
Reply: Tom Eastep: "Re: [Shorewall-devel] zone-dependent blacklist/whitelist"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]