Shorewall users - Jul 2012 - Interpret this code Iptables in Shorewall vol2

How I can interpret this code Iptables in Shorewall?

iptables -A OUTPUT -d  1.168.0.0/16  -p tcp --dport 443 -j DROP
iptables -A FORWARD -d  1.168.0.0/16  -p tcp --dport 443 -j DROP
iptables -A INPUT -s  1.168.0.0/16  -p tcp --dport 443 -j DROP

Thanks !!


-- 
I.S.C. William López Jiménez
-- 
User Linux # 379636
MSN         wljkoala23@hotmail.com
Jabber       koalasoft@jabber.org
Web:         www.koalasoftmx.tk
Twitter:      @koalasoft
Facebook:  william.koalasoft


------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today''s security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

On 07/05/2012 08:03 AM, I.S.C. William wrote:
> How I can interpret this code Iptables in Shorewall?
>
> iptables -A OUTPUT -d  1.168.0.0/16  -p tcp --dport 443 -j DROP
> iptables -A FORWARD -d  1.168.0.0/16  -p tcp --dport 443 -j DROP
> iptables -A INPUT -s  1.168.0.0/16  -p tcp --dport 443 -j DROP
Assuming that 1.168.0.0/16 is in the ''net'' zone:

DROP	net:1.168.0.0/16	all			tcp	443
DROP	all			net:1.168.0.0/16	tcp	443

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________



------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today''s security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

This code is in Iptables rules ... Open port 443 to sites google, gmail and
hotmail, How I can interpretet in shorewall ?

$IPTABLES -A FORWARD -p tcp -d secure.shared.live.com --dport 443 -j ACCEPT
$IPTABLES -A FORWARD -p tcp -d login.live.com --dport 443 -j ACCEPT
$IPTABLES -A FORWARD -p tcp -d 65.54.165.139 --dport 443 -j ACCEPT
$IPTABLES -A FORWARD -p tcp -d 65.55.128.204 --dport 443 -j ACCEPT

#$IPTABLES -A FORWARD -p tcp -d www.gmail.com --dport 443 -j ACCEPT
#$IPTABLES -A FORWARD -p tcp -d www.google.com --dport 443 -j ACCEPT

What I intend to do with this is to close all the port and https port 443
open only to those sites so they can be used.

2012/7/5 Tom Eastep <teastep@shorewall.net>
> On 07/05/2012 08:03 AM, I.S.C. William wrote:
> > How I can interpret this code Iptables in Shorewall?
> >
> > iptables -A OUTPUT -d  1.168.0.0/16  -p tcp --dport 443 -j DROP
> > iptables -A FORWARD -d  1.168.0.0/16  -p tcp --dport 443 -j DROP
> > iptables -A INPUT -s  1.168.0.0/16  -p tcp --dport 443 -j DROP
>
> Assuming that 1.168.0.0/16 is in the ''net'' zone:
>
> DROP    net:1.168.0.0/16        all                     tcp     443
> DROP    all                     net:1.168.0.0/16        tcp     443
>
> -Tom
> --
> Tom Eastep        \ When I die, I want to go like my Grandfather who
> Shoreline,         \ died peacefully in his sleep. Not screaming like
> Washington, USA     \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
>
>
>
------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today''s security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>


-- 
I.S.C. William López Jiménez
-- 
User Linux # 379636
MSN         wljkoala23@hotmail.com
Jabber       koalasoft@jabber.org
Web:         www.koalasoftmx.tk
Twitter:      @koalasoft
Facebook:  william.koalasoft


------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today''s security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/