About F19 Firewall
twoerner at redhat.com
Tue Sep 24 16:07:49 UTC 2013
On 09/24/2013 05:15 PM, P J P wrote:
> Hello Thomas,
> ----- Original Message -----
>> From: Thomas Woerner <twoerner at redhat.com>
>> Subject: Re: About F19 Firewall
>> You have to make sure where you are adding new rules. Here is a simple
>> example where you want to drop everything from 192.168.1.18:
>> If you do it wrong if could end up like this (output of iptables -S):
>> -A INPUT -s 192.168.1.0/24 -j ACCEPT
>> -A INPUT -s 192.168.1.18 -j DROP
>> -A INPUT -j REJECT
> Yes, I know about the ordering issue. But that is fairly reasonable, intuitive and straightforward to understand.
O.k., then please provide a program that places (user supplied) rules at
the proper position in an (user supplied) rule set in that way that it
will always result in the (user) expected behaviour without further
modifications. BTW: This is not limited to source addresses only, but
also port ranges and ports, matches, logging, ..
I am looking forward to get this solution.
More information about the devel