search for: 09tcp

...09detect =09=09dhcp,noping,norfc1918 Hosts #zone =09host =09=09=09options webgp =09eth0:192.155.1.233 webgp =09eth0:192.155.1.248 webgp =09eth0:192.155.1.231 Rules #result=09=09client=09server=09proto=09port=09client_port=09address =2E............snip............... ACCEPT=09webgp=09wan=09tcp=09www=09- ACCEPT=09lan=09fw::3328=09tcp=09www=09-=09=09all ACCEPT=09fw=09wan=09tcp=09www=09- =2E............snip............... It appears that the above rule that forwards that lan traffic to the fire= wall=20 port 3328 is also forwarding the webgp traffic, and since webpg is a sub = zone=20 of l...

A recent request to provide a way to block access to certain websites (ba= nner=20 ads) led me to an idea. a) A new directory /etc/shorewall/lists b) In this directory, are files containing lists of IP addresses and/or=20 subnets c) a new JUMP rule: =09JUMP:list1=09loc=09net=09tcp=09http d) By default, matching in the list would be by destination address and i= f a=20 match was found, the connection request would be REJECTed e) The default behavior could be overridden through entries in a list: =09SOURCE:ACCEPT for example would match on the source address and would ac...

Sat Mar 22 14:16:55 CST 2003 This post is a bit long, but I want to make sure I am providing the information up front that can help in others helping me solve this mystery. I am having a bit of difficulty getting Shorewall to work with SecuRemote and its FW-1 server. I have attached the "rules" file I am using and the output of "shorewall show nat". The diagram below