search for: watchshor

Is there a way to state that a REJECT rule, for instance, applies to all IP addresses belonging to the <domain.xyz> domain? Costantino

I know that Shorewall is not for content control, but until such day that I get the time to set-up squid, what is the best way to prevent machines on LOC from reaching a bunch of sites contained in a list with about 30 to 40 IP addresses or FQDN entries ? The blacklist look only at the SRC field of the packet, right? Thanks, Costantino. --------------------------------- Do you Yahoo!?

I have a DMZ (eth2: 10.0.100.0) and a LOC1 (eth0: 10.0.0.0) defined on my firewall. On one of the port on the switch serving LOC1 I have now a router and a switch feeding a bunch of computers with net=10.0.200.0. While I have defined a route to reach LOC2, I would like to define also a specific zone in order to assign different rules to it. Is it possible ? if yes, what is the syntax of the

Having moved from a "cascading LANs" configuration to two independent LANs on eth0 and eth1, I still get some "state INVALID" for which I am not sure what the cause is. Can somebody help me understand its probable origin? Thanks, Costantino [see attachment]