I'm investigating how to improve some monowall features, particularly
related to making rules management easier.
I'm actually using monowall in several places, where a central m0n0 unit
is managing a lot of corporate VLANs, but we have problems applying
rules over so many interfaces (setting rules for accessing a servers
VLAN means applying those rules to all other existing VLANs).
We are studying how to change rules behaviours, but we see that ipfilter
does not allow too many choices.
Any way to also add rules to outgoing interfaces together with incoming
interfaces?
Alternatively, would it be crazy to apply rules only to outgoing
interfaces instead of incoming interfaces, adding a system setup flag
which would set which direction is used? It would simplify a lot the
management of complex environments, where a few "outgoing" rules
would substitute for hundreds of "incoming" rules.
Any hint/comment before we try to put our hands in the code?
Tonino
--
------------------------------------------------------------
Inter@zioni Interazioni di Antonio Nati
http://www.interazioni.it tonix at interazioni dot it
------------------------------------------------------------