On 4/5/19 4:01 AM, Bertrand Friconneau wrote: > Thanks for the help. > > Unfortunately, it's not already working : > > Here is the new configuration of "/etc/shorewall/policy" > > #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST > fw all ACCEPT > fw gm4il ACCEPT > all all REJECT debug > > > But there is an error message : > ERROR: Policy "fw gm4il ACCEPT" duplicates earlier policy "fw gm4il > ACCEPT" /etc/shorewall/policy (line 3 > > > I tried others : > fw gm4il:net ACCEPT > > fw +gm4il ACCEPT > > fw all:gm4il ACCEPT > > > But the messages are : unknown zone or empty zone > > > > Le 02/04/2019 à 16:46, Tom Eastep a écrit : >> On 4/1/19 11:14 PM, Bertrand Friconneau wrote: >>> Here is the file "/etc/shorewall/policy" >>> >>> #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST >>> fw all ACCEPT >>> all all REJECT debug >>> >> So, connections from the firewall are accepted to all zones but all >> other connections are denied. So the firewall itself should be able to >> access the gm4il zone and that is all (unless you add specific rules). >>
Please: - 'shorewall reload' - Try to connect to Google - 'shorewall dump > dump' - Forward the 'dump file to me. Please include which host you attempted to connect to Google from. Thanks, -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
