On 11/25/2012 03:58 PM, Steven Jan Springl wrote:
> On Sunday 25 Nov 2012 23:33:40 Tom Eastep wrote:
>> On 11/25/2012 02:50 PM, Steven Jan Springl wrote:
>>> In the attached config. conntrack entries:
>>>
>>> DROP all eth0 udp 1
>>> DROP all eth1 udp 1
>>>
>>> produce the following error message:
>>>
>>> /var/lib/shorewall/.start: 2242: Syntax error: "}" unexpected (expecting
>>> "done")
>>
>> I'm going to disallow a interface in the DEST column when the chain is
>> OUTPUT. That restriction also holds in the tcrules file.
>>
>> Patch attached.
>>
>> -Tom
>
> Tom
>
> The patch resolves the issue.
>
> However, if the conntrack entries are changed to:
>
> DROP all- eth0 udp 1
> DROP all- eth1 udp 1
>
> the same error message is produced.
Optimizer bug -- patch attached.
Thanks Steven,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Chains.pm
b/Shorewall/Perl/Shorewall/Chains.pm
index b7dd104..0d6f6f6 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -3396,7 +3396,7 @@ sub delete_duplicates {
next RULE unless compare_values( $baseref->{$key},
$ruleref->{$key} );
}
- $duplicate = 1;
+ $duplicate = $ruleref->{mode} == CAT_MODE;;
}
if ( $duplicate ) {
------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
