On 4/9/13 9:47 AM, "Mr Dash Four" <[email protected]> wrote:
> >>> I have one last query for you: if I specify "INLINE $FW net tcp 1234 ; >>> -p udp --dport 1235 -j SECCTX --name foo" what would happen? Would >>> shorewall issue an error, or would shorewall process one statement >>>over >>> the other (which one?) and issue a warning? >>> >> >> That will generate an error. >> >Good! I presume the outcome would be the same if I "duplicate" other >parts of the iptables statement (source port, user id and so on), correct? For those that can't be duplicated, yes. But I wouldn't guarantee that the logic there is perfect, because it was created to catch screwups in Shorewall's rule generation and not user-supplied input. I'm sure that there will be cases where Shorewall will be silent but iptables will complain. -Tom You do not need a parachute to skydive. You only need a parachute to skydive twice. ------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
