7 Apr
2005
7 Apr
'05
18:46
I´ve set a rule to allow masquerading for some hosts and some nets for some services i.e.: web access for my net 172.16.4.0/23 FW_MASQ_NETS="172.16.4.0/23,0/0,tcp,80 172.16.4.0/23,0/0,tcp,443" The thing is that I need to deny some specific host, for example 172.16.4.43 from been able to access the web. How do I configure this without specifying each one allowed?? Other question, SuSEfirewall 2 is a statefull packet filter firewall, is it the any special treatment for FTP passive and active connections? What I mean is that the firewall has to be able to open the TCP port dynamically defined during the FTP session stablishment. Regards, Pablo Ronco