On Wed, 2011-12-07 at 14:04 +0000, yogesh phatak wrote:
> Hello,
>
> In the current setup we have blocked access to all sites, but provided access to a few sites.
>
> Approximately we have allowed 30-35 sites and POP/SMTP access to users by adding an individual rule for each.
> As soon as we add a new site access rule, the firewall stops responding. Even if we revert the newly added rule from the rules file, the firewall state remains down.
>
> So I would like to know if there is any limit to the /etc/shorewall/rules file.

There is no Shorewall-imposed limit. But Netfilter fails to load
rulesets larger than around 60,000 rules.
Why don't you simply use REJECT policies and then have ACCEPT rules only for those sites that you wish to allow?
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
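
Added example (not part of the original message and not taken from the Shorewall documentation): a sketch of the REJECT-policy layout suggested above. It assumes the conventional zone names loc and net; every address is a constructed placeholder from the documentation ranges.

```conf
# /etc/shorewall/policy
# Default-deny from the LAN to the Internet: anything not explicitly
# accepted in the rules file is rejected (and logged at level info).
#SOURCE   DEST   POLICY   LOG LEVEL
loc       net    REJECT   info
net       all    DROP     info
all       all    REJECT   info

# /etc/shorewall/rules
# Only the exceptions are listed here. Addresses are constructed
# placeholders; replace them with the sites you actually allow.
#ACTION          SOURCE   DEST
# Name resolution must be allowed explicitly once the policy is REJECT.
DNS(ACCEPT)      loc      net
# Allowed web sites: one rule per protocol, several hosts per rule.
HTTP(ACCEPT)     loc      net:192.0.2.10,198.51.100.20
HTTPS(ACCEPT)    loc      net:192.0.2.10,198.51.100.20
# Mail server reachable by users for POP3 and SMTP.
POP3(ACCEPT)     loc      net:203.0.113.5
SMTP(ACCEPT)     loc      net:203.0.113.5
```

Running `shorewall check` after editing compiles and validates the configuration without applying it, so a faulty rule is caught before the firewall is restarted.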