On 02/02/2013 07:41 AM, Tom Eastep wrote: >> 1. Issue warning/error when state rules will never execute: >> >> rules >> ~~~~~ >> SECTION ESTABLISHED >> Invalid(DROP) all all >> >> or >> >> shorewall.conf >> ~~~~~~~~~~~~~~ >> BLACKLIST="NEW,UNTRACKED" >> >> blrules >> ~~~~~~~ >> Invalid(DROP) all all >> >> The above Invalid(DROP) rules will never execute since the outline state is >> NEW (rules) and "NEW,UNTRACKED" (blrules). > > Yes -- I admit that the compiler doesn't try to understand unmatchable > rules; this is only one example of that lack.
I've been able to pick some low-hanging fruit in this area; improvement will be seen in the next Beta/RC. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_jan
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
