On Saturday 14 February 2004 10:59 am, andrew wrote:
> Well that seems to work for squid or redirect, would it also imply for
> other ports like, pop3, smtp and so on?
>
Please quote enough of the previous post so that we have some clue about what
you are talking about. You didn't even reply to my previous post, but rather
started a new thread so now we all had to go back and re-capture the essence
of what your post was about.

The technique mentioned in the other thread is reserved for REDIRECT and DNAT.
Otherwise, for simple rules it is trivial.

    ACCEPT what you want
    REJECT the rest

Example:

    ACCEPT loc:192.168.1.4,192.168.1.8/29,... net tcp pop3 #Use as many lines as you need
    REJECT loc net tcp pop3

-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
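
Added example, not part of the message above and not Shorewall code: a small Python model of the first-match ordering that the ACCEPT-then-REJECT pair relies on. It uses only the two addresses written out in the message (the elided entries are omitted); the function names, the `PORTS` table and the simplified five-column parsing are assumptions made for this sketch.

```python
import ipaddress

# The two rules from the message, without the elided "..." entries.
RULES = """\
ACCEPT loc:192.168.1.4,192.168.1.8/29 net tcp pop3
REJECT loc net tcp pop3
"""

PORTS = {"pop3": 110, "smtp": 25}  # service names used in this sketch
DEFAULT = "POLICY"  # no rule matched; the zone-to-zone policy would decide


def parse_rules(text):
    """Parse ACTION SOURCE DEST PROTO PORT lines (simplified subset)."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        action, source, dest, proto, port = line.split()
        zone, _, hosts = source.partition(":")
        nets = [ipaddress.ip_network(h, strict=False)
                for h in hosts.split(",") if h]
        rules.append((action, zone, nets, dest, proto, PORTS[port]))
    return rules


def decide(rules, src_zone, src_ip, dst_zone, proto, dport):
    """Return the action of the first matching rule; order matters."""
    ip = ipaddress.ip_address(src_ip)
    for action, zone, nets, dest, rproto, rport in rules:
        if (zone, dest, rproto, rport) != (src_zone, dst_zone, proto, dport):
            continue
        # A source with no host list means the whole zone.
        if not nets or any(ip in n for n in nets):
            return action
    return DEFAULT


if __name__ == "__main__":
    rules = parse_rules(RULES)
    for host in ("192.168.1.4", "192.168.1.5", "192.168.1.15", "192.168.1.16"):
        print(host, decide(rules, "loc", host, "net", "tcp", 110))
```

Swapping the two lines makes the zone-wide REJECT match first, so every host in loc is rejected; the listed ACCEPT has to come before the catch-all.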