29 Apr 2004 14:59
Helo suse-security (little mail joke, sorry)

I want to set up a rule in SuSEfirewall2 that allows all users from my LAN to browse or FTP from 192.168.0.0/24 to 0/0. This is easy and done.

    FW_MASQ_NETS="192.168.0.0/24,0/0,tcp,80 \
                  192.168.0.0/24,0/0,tcp,21"

My question is, I only want two internal addresses to be able to FTP and browse to a specific FTP/WWW server. I cannot find any reference in SuSEfirewall2 to include an exclusion in the above line. I was thinking something like:

    FW_MASQ_NETS="192.168.0.0/24,0/0!200.200.200.211,tcp,80 \
                  192.168.0.222,200.200.200.211,tcp,80"

Any idea how to do this, or should I create all my forwarding rules directly using iptables?

B