Steven Jan Springl wrote:
> Tom
> 
> If interface entry:
> 
>       lan  eth0  -
> 
> is defined, it is possible to issue command:
> 
>       shorewall delete eth0 lan
> 
> While this does not change the iptables rules, it does remove eth0 from
> /var/lib/shorewall/zones
> 
> Command:
> 
>       shorewall show zones
> 
> displays lan (ipv4) without an interface.
> 
> I don't know if this could cause any issues.

I don't think that it can (other than messing up 'shorewall show zones')
and I don't believe that I'll try to do anything about this. Once ipsets
are included in standard kernels, they provide a much better way to
implement dynamic zones and we will scrap this current implementation
altogether.

Thanks, Steven

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
