On 5/28/11 8:16 AM, Mr Dash Four wrote: > >> The philosophy of shorewall.conf has always been that if you don't >> change it during an upgrade, then the behavior of your firewall won't >> change (fully backward compatible). So the default (value assigned when >> the option does not appear in the file or is supplied with an empty >> value) is chosen to achieve backward compatibility. >> > I agree with that. There is a difference, however, between "default > value assigned in shorewall.conf" and "using default value" and that > difference is that unless I see it in shorewall.conf for me this option > does not exist and if it does not exist I wouldn't know about it (a bit > like your FAKE_AUDIT option really - unless I read that post from you on > this list, I wouldn't have known about this option, which I don't think > is right - that's a bit Microsoft like!). > >> So now, new options in shorewall.conf always get their >> compiler-defaulted values and I only assign a different value in the >> sample configurations. >> > What do you mean - that the sample shorewall.conf provided with the > shorewall package does not contain the "default" values?
Those in the Samples directory do not contain the "default" values. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ vRanger cuts backup time in half-while increasing security. With the market-leading solution for virtual backup and recovery, you get blazing-fast, flexible, and affordable data protection. Download your free trial now. http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
