Re: [Shorewall-devel] Shorewall 4.5.14 RC 2

Thu, 07 Mar 2013 17:05:15 -0800 

On 3/7/13 4:26 PM, "Mr Dash Four" <[email protected]> wrote:

>
>> The first bug fix below should receive wider testing. So I have uploaded
>> 4.5.14 RC 2. I went ahead and included a simple new feature (see below),
>> but I neglected to include the change that allows generating '-m
>> multiport --ports <port list>' by placing '=' SOURCE PORT(S) columns.
>>   
>I am not sure I understand this - care to elaborate?

Here's an example from the accounting file:

  #ACTION           CHAIN    SOURCE   DEST    PROTO   DEST    SOURCE
  #                               PORT(S) PORT(S)
  COUNT   -     br0    -     tcp  80      =

    This rule matches all TCP packets entering through br0 where either
    the source port or the destination port is 80.



>Good on all counts as far as I can see.

Good - thanks.

>
>The fictitious interface name in "providers" is fixed as well, though
>when I add "lo" (loopback) (loopback is in a state of "ignore" in my
>"interfaces" - just FYI) I get a few funnies generated which should not
>be there, like:
>
>run_ip route replace <default gateway address> src $SW_LO_ADDRESS dev lo
>run_ip route replace <default gateway address> src $SW_LO_ADDRESS dev lo
>table XX
>run_ip route add default via <default gateway address> src
>$SW_LO_ADDRESS dev lo table XX

Where else to you mention 'lo' in your configuration. I have an entry like
yours in my interfaces file and I don't have that issue.
>
>Would there be a way for me to manipulate the blackhole routes in my
>main table or is this for another day?

It is going to have to wait until Beta 1. There are some issues to resolve.

-Tom
You do not need a parachute to skydive. You only need a parachute to
skydive twice.





------------------------------------------------------------------------------
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester  
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the  
endpoint security space. For insight on selecting the right partner to 
tackle endpoint security challenges, access the full report. 
http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel

Reply via email to