Hello everyone,

I am using Debian 5.0 and shorewall.
I have a tiny policy file:
Code:
#
# Shorewall version 4 - Policy File
#
###############################################################################
#SOURCE		DEST		POLICY		LOG		LIMIT:BURST
#						LEVEL
fw              all             ACCEPT
lan             fw              ACCEPT
lan             all             ACCEPT
all             all             DROP            INFO
#LAST LINE -- DO NOT REMOVE
I wonder why in my policy file I have to enter separate line for incoming traffic to the machine lan->fw. Without it, firewall filters out incoming traffic from this network, however I expect line lan->all to be enough.

Any thoughts are highly appreciated.

Thanks.