On Mon, 25 May 2020 08:27:17 -0400
"Brian J. Murrell" <br...@interlinx.bc.ca> wrote:

> On Mon, 2020-04-27 at 11:24 -0400, Brian J. Murrell wrote:
> > If I have a bunch of zones defined:
> > 
> > vpn1        ipv4
> > vpn2        ipv4
> > vpn3        ipv4

> > Is there any way to write a single rule that covers all of those
> > zones/hosts as a source?
> > 
> > Something like:
> > 
> > DNS/ACCEPT vpn*             $INT_DNS  
> 
> Any thoughts on this?  Not possible?

First, DNS/ACCEPT is deprecated long time ago and won't work any more.

This would work:

DNS(ACCEPT) vpn1,vpn2,vpn3 $INT_DNS

Or reverse idea, use all and exclude zones you don't want.

DNS(ACCEPT) all!net $INT_DNS

-- 
Tuomo Soini <t...@foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <https://foobar.fi/>

Attachment: pgpG9X6pmk41v.pgp
Description: OpenPGP digital signature

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to