On Wed, 18 Feb 2004, hallian hallian wrote:
> hello -
>
> I have two questions:
>
> 1) What is the order of reading rules in shorewall. Is it top Down
> approach. i.e. if I have an ACCEPT for a rule and the same rule applies maybe
> 4 lines down the lane which is REJECT. Which rule takes precedence?
>
This question illustrates why I occasionally have to take a day off from
Shorewall support. From http://www.shorewall.net/Documentation.htm#Rules:

    Rules for each pair of zones (source zone, destination zone) are
    evaluated in the order that they appear in the file the first
    match determines the disposition of the connection request with a
    couple of caveats:

It then goes on to list several obscure exceptions.

What exactly about the above is not clear?

> 2) Apart from "common" file to add iptables rule syntax, is there a way to
> add rules via the shorewall syntax? i.e. include another file apart from
> common file. I did not see anything related to that.. and was wondering?
>
Shorewall 2.0 allows common ''actions'' to be defined. These use Shorewall
action syntax rather than iptables syntax.

-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
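
The first-match behaviour quoted from the documentation above, as an added example that is not part of the original message and is not Shorewall's own code: a simplified Python model that matches only on zone pair, protocol and destination port, ignores the documented exceptions, and reports rules that an earlier line makes unreachable. The sample rules and all function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample in a simplified rules-file column order
# (ACTION SOURCE DEST PROTO DEST-PORT); not taken from the thread.
SAMPLE_RULES = """\
#ACTION  SOURCE  DEST  PROTO  DEST-PORT
ACCEPT   net     loc   tcp    22
ACCEPT   net     loc   tcp    80
REJECT   net     loc   tcp    22
REJECT   loc     net   tcp    25
DROP     net     loc   tcp    -
"""

def parse(text):
    """Return (lineno, action, (source, dest), proto, port) for each rule line."""
    rules = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()   # drop comments and blank lines
        if not fields:
            continue
        fields += ["-"] * (5 - len(fields))      # omitted trailing columns match anything
        action, src, dst, proto, port = fields[:5]
        rules.append((lineno, action, (src, dst), proto, port))
    return rules

def covers(rule_value, value):
    """True if a rule's column value matches the given value ('-' or 'all' is a wildcard)."""
    return rule_value in ("-", "all") or rule_value == value

def disposition(rules, src, dst, proto, port):
    """First matching rule for the zone pair decides; None means the policy applies."""
    for lineno, action, pair, r_proto, r_port in rules:
        if pair == (src, dst) and covers(r_proto, proto) and covers(r_port, port):
            return action, lineno
    return None

def shadowed(rules):
    """List (later_line, earlier_line) pairs where the later rule can never match."""
    seen, out = defaultdict(list), []
    for lineno, action, pair, proto, port in rules:
        for e_line, e_proto, e_port in seen[pair]:
            if covers(e_proto, proto) and covers(e_port, port):
                out.append((lineno, e_line))
                break
        seen[pair].append((lineno, proto, port))
    return out

if __name__ == "__main__":
    print(shadowed(parse(SAMPLE_RULES)))
```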