On Monday 26 August 2002 11:22, lidad@zeelandnet.nl wrote:> And I must admit, Tom you have really done a great job !!!!!!!!!!!!!!!! > Firewalling is a complicated matter but using Shorewall it becomes "a > piece of cake :) " >I''m glad that it''s working well for you.> I still have some questions about the possibilities of shorewall. > > Is it possible to run Shorewall with multiple configurations. I''d like > tho use different configurations for office-hours and non-office-hours. >You should be able to do what you want as follows: 1. Create a directory in /etc for each configuration that you want. 2. Into each of these directories, copy the files from /etc/shorewall that you=20 want to have different contents. Modify the files as required. 3. Set up cron jobs that "shorewall -c /etc/<config> restart" at the=20 appropriate time of day. Another user reported having problems running /sbin/shorewall from crond and=20 ended up jacketing it with shell scripts; I don''t think that is necessary but=20 this particular user resorted to that to get it working. In his case, he=20 simply wanted to "shorewall reject <his son''s ip>" at 10:00 on school nights=20 and "shorewall allow <his son''s ip>" at 7:00 the next morning :-)=20 -Tom --=20 Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net
lidad@zeelandnet.nl
2002-Aug-26 18:22 UTC
[Shorewall-users] Multiple configurations with Shorewall
A few days ago I already mentioned that I am using Shorewall on Debian 3.0r0 and Redhat 7.3 using kernel 2.4.18 And I must admit, Tom you have really done a great job !!!!!!!!!!!!!!!! Firewalling is a complicated matter but using Shorewall it becomes "a piece of cake :) " I still have some questions about the possibilities of shorewall. Is it possible to run Shorewall with multiple configurations. I''d like tho use different configurations for office-hours and non-office-hours. Thanks Ad Koster lidad@zeelandnet.nl