Tom Eastep writes:
> On Tue, 7 Oct 2003, Sean MacLennan wrote:
>
> >
> > I have just started using the three-interface example and have a
> > general question. The provided rules file has the following entries
> > (Note: I renamed dmz to wlan):
> >
> > ACCEPT net fw icmp 8
> > ACCEPT loc fw icmp 8
> > ACCEPT wlan fw icmp 8
> >
> > Since I only have the three interfaces, would it not be more
efficient
> > to use:
> >
> > ACCEPT all fw icmp 8
> >
>
> Both generate exactly the same ruleset.
Great! So all is really just an alias for "all zones" not a separate
type. Good.
While I have the chance, I would like to say I found the documentation
extremely easy to follow. I could give lots of reasons that I choose
Shorewall, but the honest reason is that I went to the QuickStart
Guides, saw "Single IP, three interfaces" and thought
"that''s exactly
what I have"! Sure, I will have to tweak to get it working with my
configuration, but it was obvious how to add web and mail interfaces,
and, except for a slight DNS boo boo on my part, it worked first time!
Thanks for a great product! I still can''t believe it is written
entirely in shell script.
Cheers,
Sean