Mike Dillinger wrote:
>
>
> It seems kind of redundant to me and I''d prefer to have the Drop
action
> over the Reject one. I am unable to find which file calls these actions
> so I can fix this. I am not calling them from /etc/shorewall/rules.
> Can someone point me to the right place?
I recommend that you don''t "fix" it until you understand how
it works and
why it works that way.
http://www.shorewall.net/Actions.html
Pay attention to:
a) How to modify standard actions safely; and
b) Why there are "Common" actions associated with policies and how
they work.
Once you have done that, then you can decide if you want to annoy your local
users with timeouts rather than immediate rejects and, if you do then you
will also know how to change the common action for the REJECT policy so that
your change isn''t wiped out the next time that you upgrade.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key