On Saturday 19 February 2011 15:56:12 Tom Eastep wrote: > On 2/19/11 5:37 AM, Steven Jan Springl wrote: > > The patch fixes the MAC address issue. > > > > The patch fixes the above 'owner' issue. However, if the SECTION INPUT > > line is removed the error still occurs. > > Interesting -- Netfilter must be enforcing the restriction on -m owner > more tightly since I have several test cases from you in the regression > library that use owner match in the accounting file. > > This patch prevents it from being used anywhere except in the OUTPUT > section. > > -Tom
Tom I can confirm the patch fixes the issue. Thanks. I am using kernel 2.6.36 and iptables 1.4.10. Steven. ------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
