Dear All,

I have a squid running on a Red Hat Linux 8 server and it is working fine.

Recently I have installed shorewall 3.0.6 on the above machine as per the documentation and it is working fine, but I have in my policy file as below:

###############################################################################
#SOURCE         DEST            POLICY          LOG             LIMIT:BURST
#                                               LEVEL
loc             fw              ACCEPT
fw              net             ACCEPT
fw              loc             ACCEPT
net             fw              DROP            info
all             all             DROP            info

and in my rules file:

ACCEPT          fw              net             tcp             80,443
ACCEPT:info     all             fw              tcp             80,443

and everything works fine .. I mean my local users can all browse perfectly, but I see that from the outside world I can ping and telnet the public IP of the Linux proxy server even though the rule net to fw drop is present.

Then I put the below rule in my rules file and then it works perfectly:

DROP            all             fw              all

But I get a message when I start shorewall. It starts fine but I see a warning message:

Warning -- Rule "DROP net fw all " is a POLICY
-- and should be moved to the policy file

Appreciate your help.

--
Simon D'cunha ( NETWORK ADMIN )
KUWAIT MUNICIPALITY

simon dcunha wrote:
> Dear All,
>
> I have a squid running on a Red Hat Linux 8 server and it is working fine.
>
> Recently I have installed shorewall 3.0.6 on the above machine as per the
> documentation and it is working fine, but
>
> I have in my policy file as below:
>
> ###############################################################################
> #SOURCE         DEST            POLICY          LOG             LIMIT:BURST
> #                                               LEVEL
> loc             fw              ACCEPT
> fw              net             ACCEPT
> fw              loc             ACCEPT
> net             fw              DROP            info
> all             all             DROP            info
>
> and in my rules file:
>
> ACCEPT          fw              net             tcp             80,443
> ACCEPT:info     all             fw              tcp             80,443
>
> and everything works fine .. I mean my local users can all browse perfectly,
> but I see that from the outside world I can ping and telnet the public IP
> of the Linux proxy server even though the rule net to fw drop is present.
>
> Then I put the below rule in my rules file and then it works perfectly:
>
> DROP            all             fw              all
>
> But I get a message when I start shorewall. It starts fine but I see a
> warning message:
>
> Warning -- Rule "DROP net fw all " is a POLICY
> -- and should be moved to the policy file
>

Add this line to the policy file?

> Appreciate your help.
>

--
Ray Booysen
rj_booysen@rjb.za.net