Hi, The "all" zone you can use in /etc/shorewall/policy isn''t valid in /etc/shorewall/rules, is this correct? I was entering a rule to (for example) block all TCP port 12345 traffic from all sources to all destinations, and logically thinking I began typing this line. REJECT all all tcp 12345 But it didn''t work :-) If I have to enter the zone names, I would need multiple lines in my rules file for this to work Is there a possibility to make such a rule single lined? Thanks in advance, Niels
--On Thursday, January 02, 2003 04:20:41 PM +0100 niels@wxn.nl wrote:> Hi, > > The "all" zone you can use in /etc/shorewall/policy isn''t valid in > /etc/shorewall/rules, is this correct?That was correct until Shorewall version 1.3.11 -- in that version, support was added for ''all'' in rules.> > I was entering a rule to (for example) block all TCP port 12345 traffic > from all sources to all destinations, and logically thinking I began > typing this line. > > REJECT all all tcp 12345 > > But it didn''t work :-)If you are running 1.3.11 or later, send a detailed report. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ shorewall.sf.net Washington USA \ teastep@shorewall.net