-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hiya,
At 10:17 AM 10/8/2003, you wrote:> >
> > I have just started using the three-interface example and have a
> > general question. The provided rules file has the following entries
> > (Note: I renamed dmz to wlan):
> >
> > ACCEPT net fw icmp 8
> > ACCEPT loc fw icmp 8
> > ACCEPT wlan fw icmp 8
> >
> > Since I only have the three interfaces, would it not be more efficient
> > to use:
> >
> > ACCEPT all fw icmp 8
> >
>
>Both generate exactly the same ruleset.
>
>-Tom
Hello,
The basic idea behind the multiple rules in the samples ...
Is the ability to turn off ICMP or turn it on with a simple comment ..
And to show clearly where and when ICMP is being allowed ..
Lady Linux
"No Problems Only Solutions"
Francesca C. Smith
Lady Linux Internet Services
fsmith@ladylinux.com
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBP4Qev29MXAhl3ducEQJAOQCg0Vsge1gYNMdVSJGMTLngA5LDho8AoJr7
qgRuCUa/qPK9DlHLBlpipI8I
=M6Hq
-----END PGP SIGNATURE-----