search for: exerp

...Embeded in LAN zone (subzone) #test eth1 # Undef here - i.e: dynamic #lan eth1:10.0.1.0/24 # defined implicitly #net eth0:0.0.0.0/0 # defined implicitly policy: fw all REJECT info net all DROP info test all DROP info users all REJECT info lan all DROP info all all DROP info rules (exerp): ACCEPT test net tcp http,rsync ACCEPT test net icmp echo-request ACCEPT users net tcp http,https,ftp,smtp,... This setup seems to work. If I call ''shorewall add eth1:10.0.1.1 test'', the system 10.0.1.1 is then allowed to ping systems on the internet. When I delete 10.0.1.1,...