I am trying to set up the firewall for a very specific and perhaps unusual situation. First thing I noticed, when trying to set up the firewall was that the Yast firewall-config package was not installed. Even after installing, I find that when I try to configure the firewall, I get a message firewalld is not running. I can go into Services Manager, to enable and start it. However, after rebooting, while still enabled, firewalld is not starting. Seems to me there's a bit of a problem here. Next, is there anyway to filter outgoing packets? I don't see it in the firewall configuration. I'm trying to block the MAC address from the Ethernet port on my notebook from going out onto the network. This is the unusual situation I referred to. I have a small managed switch, which I configured for port mirroring, so that I can use Wireshark to monitor traffic to other computers. This involves inserting what's commonly referred to as a "data tap" between the two devices. I am using the managed switch in that roll. However, unlike switches from Cisco, Adtran etc., this TP-Link switch allows traffic from the monitor port to pass through the other switch ports. In a network, where a switch is configured for port security, this may cause problems, in that the port may be shut down, if an unauthorized MAC address appears on that port. Since this switch I'm using to monitor the connection allows frame from the mirror port out, this might actually cause a failure. My goal is to block any frame with the Ethernet port MAC address from leaving the computer. While I could write the appropriate IPTables commands to do this, I would prefer to do it in the firewall configuration, as the network manager supports loading specific zones, but I don't see a way to call a script. I am trying to use the "drop" zone and filtering on source MAC address. Suggestions? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org