On Jun 1, 2013, at 10:39 AM, Dash Four <[email protected]> wrote:
>
>>
> I think I finally got the bastard!
>
> Now, if I have the above statement in rules and have *no* other
> statements present, I am *not* getting these warnings. However, if I add
> the following:
>
> rules
> ~~~~~
> SECTION RELATED
> IFLOG(-,log1,-,accept,ACCEPT) $FW local
> IFLOG(-,log1,-,accept,ACCEPT) local $FW
>
> IFLOG(-,log1,-,drop,DROP) all all
>
> Then I get the warnings - all 4 of them, directing me at the last
> statement line ("all all"). Now, if I comment out either of the "$FW
> local" or "local $FW" statements, then I get only 2 warnings instead. If
> I comment out the last statement, then I don't get any warnings at all.
>
> So, what I think is happening is this:
>
> 1. The 3 statements above do something in combination that shorewall
> doesn't like very much and issues these warnings.
> 2. shorewall is telling me porkies about the erroneous line in my
> "rules" statement file (that the problem is with my last statement),
> confusing the hell out of me.
>
> Over to you Tom…
Okay -- apply this patch for now.
Thanks,
-Tom
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
NOWARN.patch
Description: Binary data
------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
