On 3/8/13 5:25 PM, "Mr Dash Four" <[email protected]> wrote:
> >>> It is going to have to wait until Beta 1. There are some issues to >>>resolve. >>> >> >> I woke up this morning with an easy solution to those issues. Patch is >> attached. >> >OK, the patch works, though I found a few other "interesting" issues: >When I completely disable the blackhole routes in shorewall.conf, then >put "-" in my DUPLICATE column in "providers" (instead of "main" as was >the case - the idea being - tell shorewall "do not duplicate anything"), >bearing in mind that I also have "none" in COPY, I get the following >message: > >ERROR: A non-empty COPY column requires that a routing table be >specified in the DUPLICATE column. That problem is resolved by the attached patch. > >OK, I then placed "none" in DUPLICATE and this time I've got something >else: > >Error: argument "none" is wrong: table id value is invalid > >though shorewall was happy with this as it processed everything else and >started successfully, not copying anything I didn't specify into my new >provider table - all routes which appear there are as expected. I'm not sure that this issue is completely solvable. Suppose that your /etc/shorewall/init file populates table 46. Then you place 46 in the DUPLICATE column. With the current code, that will work; any change I make to reject '46' at compile time will break this scenario. How about a warning that says that the content of the DUPLICATE column is not a recognized standard routing table? -Tom You do not need a parachute to skydive. You only need a parachute to skydive twice.
DUPLICATE.patch
Description: Binary data
------------------------------------------------------------------------------ Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the endpoint security space. For insight on selecting the right partner to tackle endpoint security challenges, access the full report. http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
