Tom Eastep wrote on 20/04/2007 14:06:31:
[...]
> A couple of things.
>
> a) You are *not* running shorewall-perl 3.9.3. You are running something
> that no one else in the world is likely to have; a snapshot of the
> development thread somewhere between 3.9.2 and 3.9.3. I asked that you
> only install shorewall-shell from the staging directory; if you
> installed all of the RPMs found there then you will need to use the
> - --force directive to upgrade to the real 3.9.3 when I release it this
> weekend.
sorry, I didn't understand that (english as a second language?)
here is what I did up to now:
- downloaded and rpm'd shorewall, shorewall-shell and shorewall-perl (in
this order).
- copied my config files from a 3.4.1 to /etc/shorewall (carefully,
reading all notes - no modifications introduced)
- compiled my config file using
shorewall compile -C perl ~/sw.perl
shorewall compile -C shell ~/sw.shell
later, I executed sw.perl and sw.shell and compared the iptables-save from
each of them. In this moment, I noticed the fw2fw chain in the
iptables-save output of shorewall-perl.
but don't worry, no upgrades here. this is a 100% new machine that I'm
using just to understand and test the new version of shorewall-perl. When
the time comes to put this box in production, I'll begin from zero.
Installing a new linux is 30 minutes on the line.
>
> b) If you define an explicit fw->fw policy, then you will get a fw2fw
> chain; same if you define fw->fw rules. That hasn't changed from
> Shorewall-shell.
no explicit policies here from fw->fw (the configuration i'm testing
against is used elsewhere in a production firewall). besides,
shorewall-shell is not creating this chain for the same configuration.
cheers,
--
Eduardo Ferreira
Icatu Holding S.A.
(21) 3804-8606
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
