Shorewall users - Sep 2002 - Questions about running shorewall localy on a webserver...

Hello,

I have recently come across an opportunity to put a single sever in a nice
colocation facility.
What this means, is that I have one server, with one interface, that (I am
hoping) will be a webserver, firewall, and other servers. With multiple
static IPs.

But, considering this, and my familiarity with shorewall, I am slightly
daunted by this plan.
This is because, when making rules, they would all be fw->net or net->fw.

If I have multiple IPs on the firewall/server machine, can I make rules per
IP, from the fw zone to the net zone and vice versa?

(this is how i was imagining it would look though because of how the fw zone
is defined i dont think this will work:

ACCEPT    net                fw:2.2.2.2            ftp,www,etc
ACCEPT    net                fw:2.2.2.3            pop,imap
ACCEPT    net                fw:2.2.2.4            27015
ACCEPT    net                fw:2.2.2.5            ssh
)

I think this is doable with shorewall though I am not sure how at this
point.

Any ideas?

Thanks,

alex@rettconsulting.com