Shorewall 5.1.10.2
I can preview the iptables that shorewall will generate with this
#shorewall check -r | less
I can preview the generated firewall script
#shorewall compile /tmp/sw
which requires (unreliable) human parsing.
Can I preview the rule and routes that will be generated more easily t
On 7/28/2018 5:19 PM, Tom Eastep wrote:
> On 07/28/2018 08:16 AM, Brian J. Murrell wrote:
>> On Sat, 2018-07-28 at 08:03 -0700, Tom Eastep wrote:
>>> diff --git a/Shorewall-core/lib.common b/Shorewall-core/lib.common
>>> index 205fc705f..bbebf0936 100644
>>> --- a/Shorewall-core/lib.common
>>> +++
On 07/28/2018 08:16 AM, Brian J. Murrell wrote:
> On Sat, 2018-07-28 at 08:03 -0700, Tom Eastep wrote:
>> diff --git a/Shorewall-core/lib.common b/Shorewall-core/lib.common
>> index 205fc705f..bbebf0936 100644
>> --- a/Shorewall-core/lib.common
>> +++ b/Shorewall-core/lib.common
>> @@ -751,6 +751,8
On Sat, 2018-07-28 at 08:03 -0700, Tom Eastep wrote:
> diff --git a/Shorewall-core/lib.common b/Shorewall-core/lib.common
> index 205fc705f..bbebf0936 100644
> --- a/Shorewall-core/lib.common
> +++ b/Shorewall-core/lib.common
> @@ -751,6 +751,8 @@ mutex_on()
> lockf=${LOCKFILE:=${VARDIR}/lock}
On Sat, 2018-07-28 at 15:04 +0200, Matt Darfeuille wrote:
>
> Tom, with MUTEX_ON.patch applied, on LEDE '--pid' is not available or
> is
> it done on purpose?:
>
> root@LEDE:~# ps --pid
> ps: unrecognized option: pid
> BusyBox v1.25.1 () multi-call binary.
>
> Usage: ps
>
> Show list of process
On 07/28/2018 06:04 AM, Matt Darfeuille wrote:
> On 7/26/2018 8:41 PM, Tom Eastep wrote:
>> On 07/26/2018 09:54 AM, Brian J. Murrell wrote:
>>> On Thu, 2018-07-26 at 08:51 -0700, Tom Eastep wrote:
Brian,
>>>
>>> Hi Tom,
>>>
Can you point me to online documentation that describes how
Hi,
I've been blacklisting hosts that try to access unpublished ports by simply
adding the following to the very end of my rules file:
ADD(POL_BL:src):info:polbl,add2polbl net1,net2,net3:!+POL_BL,+GLOBAL_WL
all tcp,udp - !443,80,25
I'd rather not use the BLACKLIST policy and def
On 7/26/2018 8:41 PM, Tom Eastep wrote:
> On 07/26/2018 09:54 AM, Brian J. Murrell wrote:
>> On Thu, 2018-07-26 at 08:51 -0700, Tom Eastep wrote:
>>>
>>> Brian,
>>
>> Hi Tom,
>>
>>> Can you point me to online documentation that describes how this
>>> 'lock'
>>> utility is supposed to work?
>>
>> It