On Sat, 19 Apr 2003, Robert P. J. Day wrote:
> however, it *appears* (and i stress "appears") that zones
> are defined as being what lives beyond an interface, and you can't
> get more detailed than that.
>
That's not correct.
> in a single host case, there would be two zones -- out there
> ("net"), and "fw", the host itself (the host always being considered
> the "fw" zone). but this doesn't seem to be sufficient for what
> i'm trying to do.
>
Check out the documentation for the /etc/shorewall/hosts file.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://www.shorewall.net
Washington USA \ teastep@xxxxxxxxxxxxx
