shorewall config question with /etc/shorewall/rules
Is there an easy way to open up all ports for a trusted device?
This is the current state of my rules file:

    ACCEPT net fw tcp 80,443,22 -
    ACCEPT loc fw tcp 80,443,22 -

I would like to do something like the following if possible:

    ACCEPT loc fw tcp all -

But, it isn't that easy. Is there a quick way?
Yup,

    ACCEPT loc fw tcp

or

    ACCEPT loc fw tcp - -

should do it... The default for unspecified ports is 'all'. You might want to consider whether you want 'UDP' connections as well?? (Not sure what you're doing so couldn't comment :-)
_________
Bill G. #666
Thanks! Perfect
Here is my set-up, in case anyone cares. My machine (with firewall) has nis, nfs automount and smbfs shared on eth0, and eth1 is connected to cable modem. Before, I was using a D-Link Di704P router, (lately port forwarding has been really flakey). Through the drakconf (mandrake 10), I set up nis and automount for 3 other machines in my house. Everything is perfect. I then removed the router, added a new ethernet card in my nis server and set up internet sharing. Worked great, however nis stopped on client machines. When I went to configure the firewall, it applied the settings to both devices. This fixed it:

    ACCEPT net fw tcp 22 -
    ACCEPT loc fw tcp
    ACCEPT loc fw udp
    ACCEPT loc fw icmp echo-request -
    REDIRECT loc 3128 tcp www -

Thanks again for the help.
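
Added example, not part of the thread: a small Python audit of a rules file that lists every ACCEPT rule whose port column is left unspecified, since (as the answer notes) that means all ports. It assumes the column order used in the posts (ACTION SOURCE DEST PROTO DPORT) and that SOURCE may be written as zone or zone:host; the function names are made up for this example.

```python
# Added example (not from the thread): list ACCEPT rules that leave the
# destination-port column unspecified, which Shorewall treats as all ports.
# Assumed column order, as used in the posts: ACTION SOURCE DEST PROTO DPORT

# The final rules file posted in the thread.
THREAD_RULES = """\
ACCEPT   net fw   tcp  22 -
ACCEPT   loc fw   tcp
ACCEPT   loc fw   udp
ACCEPT   loc fw   icmp echo-request -
REDIRECT loc 3128 tcp  www -
"""

def parse_rules(text):
    """Return one dict per rule line, skipping comments and section markers."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith(("?", "SECTION")):
            continue
        cols = line.split()
        cols += ["-"] * (5 - len(cols))        # omitted trailing columns act like "-"
        action, source, dest, proto, dport = cols[:5]
        zone, _, host = source.partition(":")  # SOURCE may be zone or zone:host
        rules.append({"line": lineno, "action": action.split(":")[0],
                      "zone": zone, "host": host or None, "dest": dest,
                      "proto": proto.lower(), "dport": dport})
    return rules

def all_port_accepts(rules):
    """ACCEPT rules for tcp/udp (or any protocol) with no port restriction."""
    return [(r["line"], r["zone"], r["host"], r["proto"])
            for r in rules
            if r["action"] == "ACCEPT"
            and r["proto"] in ("tcp", "udp", "all", "-")
            and r["dport"] == "-"]

if __name__ == "__main__":
    for line, zone, host, proto in all_port_accepts(parse_rules(THREAD_RULES)):
        scope = host or "every host in the zone"
        print(f"rule {line}: all {proto} ports open from {zone} ({scope})")
```

Run against the final rules above, it reports rules 2 and 3 (all tcp and udp ports from every host in loc), while the port-limited net rule and the icmp rule are not listed.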