Thanks Tom, Roberto,

apparently i'm way too stupid to get a simple cookbook config to run in a reasonable time.
I spend a lot of time looking for ways to get the config's notation right - commented examples in the config files would probably help me better than a lot of documentation and might be a nice idea for noobs like me -
f.i. in shorewall.conf:

# lograte example: 15/minute, if you use this option also fill in the logburst number

Anyway, thank you for the software, pity i can't get it to do what i need it to do


2010/3/19 felis nigripes <>
Hi Roberto,

thank you for your speedy reply!
'k will follow your advice, but still wonder about what i'm doing wrong.
I have a server in a local network, with a gateway. The local network needs more access, f.i. ssh, the Net only web. Simple i agree, i bet it's easy in shorewall too, just have to find out how :)

kind regards

2010/3/19 Roberto C. Sánchez <>
On Fri, Mar 19, 2010 at 08:25:58PM +0100, felis nigripes wrote:
>    SSH/ACCEPT          loc            $FW
>    with 'loc' in hosts specified as [1]
>    If i specify a debug loglevel i see no change. How can i debug shorewall?
>    What am i missing?
shorewall-hosts(5) says this:

"This file is used to define zones in terms of subnets and/or individual
IP addresses. Most simple setups don´t need to (should not) place
anything in this file."

I am guessing that your setup is simple, so you should remove that entry
from the hosts file, restart Shorewall and try again.



