Tom If OPTIMIZE_ACCOUNTING=Yes and there is just one rule in the accounting file eg:
ACCOUNTING(net2lan,192.168.0.0/24) - eth0 eth1 The following error messages are produced from a shorewall debug start ... iptables v1.4.10: Can't use -o with INPUT ERROR: Command "/usr/local/sbin/iptables -A INPUT -i eth0 -o eth1 -j ACCOUNT --addr 192.168.0.0/24 --tname net2lan" Failed If the rule is changed to: ACCOUNTING(net2lan,192.168.0.0/24) - eth0 - then the following messages are produced: iptables v1.4.10: Can't use -i with OUTPUT ERROR: Command "/usr/local/sbin/iptables -A OUTPUT -i eth0 -j ACCOUNT --addr 192.168.0.0/24 --tname net2lan" Failed If OPTIMIZE_ACCOUNTING=No or there is more than one rule in the accounting file eg duplicate the rule, then the error does not occur. Steven. ------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
