Re: Complex ruleset questions

06-27-2003, Thomas Quinot

On 2003-06-27, Damian Gerow wrote:

> Was the first way I was doing it. I'm currently breaking it down to:
>
> block in log on rl0 from any to any head 10
> block in log on rl0 from any to 192.168.1.1 group 10 head 100
> block in log on rl0 from any to 192.168.1.2 group 10 head 101
> <and others>
>
> block in log on rl1 from any to any head 20
> block in log on rl1 from any to 192.168.1.1 group 20 head 100
> block in log on rl1 from any to 192.168.1.2 group 20 head 101
> <and others>


Does this work? ipfilter is not supposed to support multiple heads for
the same group, AFAIK.

> block in log on {rl0,rl1} from any to any head 20
> <service-specific forwards here>


skip 2 in on rl0 from any to any
skip 1 in on rl1 from any to any
skip 1 in from any to any
block in log from any to any head 20

Thomas.

--
Thomas.Quinot@Cuivre.FR.EU.ORG
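
The four skip/block rules from the reply above, traced per interface, as an added example that is not part of the original post. It assumes only ipf's documented `skip` behaviour (a matching `skip N` rule jumps over the next N rules); the interface name `fxp0` is a constructed stand-in for any NIC other than rl0 and rl1.

```python
# Added illustration: a minimal model of ipf "skip" evaluation.
# Only the fields used by the four rules in the post are modelled.
RULES = [
    # (action, argument, interface or None for "any interface")
    ("skip", 2, "rl0"),           # skip 2 in on rl0 from any to any
    ("skip", 1, "rl1"),           # skip 1 in on rl1 from any to any
    ("skip", 1, None),            # skip 1 in from any to any
    ("block", "head 20", None),   # block in log from any to any head 20
]

def walk(ifname, rules=RULES):
    """Return the 1-based numbers of the rules that match an inbound
    packet arriving on ifname, honouring skip counts."""
    matched = []
    i = 0
    while i < len(rules):
        action, arg, iface = rules[i]
        if iface is None or iface == ifname:
            matched.append(i + 1)
            if action == "skip":
                i += arg          # jump over the next `arg` rules
        i += 1
    return matched

def reaches_head_20(ifname):
    """True if the packet matches the rule that opens group 20."""
    return 4 in walk(ifname)

if __name__ == "__main__":
    # Constructed sample interfaces; "fxp0" stands for any other NIC.
    for nic in ("rl0", "rl1", "fxp0"):
        print(nic, walk(nic), reaches_head_20(nic))
```

Packets on rl0 and rl1 land on the `head 20` rule, while a packet on any other interface matches only the third rule and skips past it.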