Shorewall users - Jun 2003 - defining zones as list of CIDR

Hello,

Is there a way, using Shorewall, to define zones by IP network instead
of by interface?  I would like to define a few netblocks currently in my
''net'' zone by different rules.  If I were to just use the
''net:[network]''
notation the list would grow very large (x10 for each service to allow
access).

Any ideas?

thanks,
hank

http://shorewall.net/Documentation.htm#Hosts

"/etc/shorewall/hosts Configuration

For most applications, specifying zones entirely in terms of network
interfaces is sufficient. There may be times though where you need to define
a zone to be a more general collection of hosts. This is the purpose of the
/etc/shorewall/hosts file."

I think this is what you need......

-Alex


----- Original Message -----
From: "Adam Henry" <hank@marinar.com>
To: <shorewall-users@lists.shorewall.net>
Sent: Saturday, June 07, 2003 7:43 PM
Subject: [Shorewall-users] defining zones as list of CIDR

> Hello,
>
> Is there a way, using Shorewall, to define zones by IP network instead
> of by interface?  I would like to define a few netblocks currently in my
> ''net'' zone by different rules.  If I were to just use the
''net:[network]''
> notation the list would grow very large (x10 for each service to allow
> access).
>
> Any ideas?
>
> thanks,
> hank
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users@lists.shorewall.net
> Subscribe/Unsubscribe:
http://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
>