On Saturday 05 May 2007 15:18, Tom Eastep wrote: > Tom Eastep wrote: > > Steven Jan Springl wrote: > >> Tom > >> > >> Tos rule: > >> > >> lan all tcp - 22 16 > >> > >> compiles with shorewall-shell but produces the following error when > >> compiled with shorewall-perl: > >> > >> ERROR: Unknown Interface (lan): "lan all tcp > >> - 22 16" : > >> /etc/shorewall/tos ( line 9 ) > >> > >> > >> Note, the following tos rule also produces the same error: > > > > Steven, > > > > This is expected -- see the Shorewall-perl documentation. > > In particular, this item from the release notes: > > h) The /etc/shorewall/tos file now has zone-independent SOURCE and > DEST columns as do all other files except the rules and policy > files. > > The SOURCE column may be one of the following: > > [all:]<address>[,...] > [all:]<interface>[:<address>[,...]] > $FW[:<address>[,...]] > > The DEST column may be one of the following: > > [all:]<address>[,...] > [all:]<interface>[:<address>[,...]] > > This is a permanent change. The old zone-based rules have never > worked right and this is a good time to replace them. I've tried > to make the new syntax cover the most common cases without > requiring change to existing files. In particular, it will > handle the tos file released with Shorewall 1.4 and earlier. > > -Tom Tom
Sorry, I have based most of the testing on the content of the man pages, only going elsewhere when I have needed further clarification. Changing the rule to: eth0 all tcp - 22 16 generates the following iptables rule -A OUTPUT -j outtos which produces the following error: iptables-restore v1.3.6: Couldn't load target `outtos':/lib/iptables/libipt_outtos.so: cannot open shared object file: No such file or directory Steven. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
