Hi,
I have the following entry in blrules.
BLACKLIST play:+blacklist all
In earlier that rule generate the correct iptables rules:
$sudo shorewall show | grep BLACK
0 0 blacklog all -- * * 0.0.0.0/0 0.0.0.0/0
match-set blacklist src /* BLACKLIST */
0 0 blacklog all -- * * 0.0.0.0/0 0.0.0.0/0
match-set blacklist src /* BLACKLIST */
0 0 blacklog all -- * * 0.0.0.0/0 0.0.0.0/0
match-set blacklist src /* BLACKLIST */
0 0 blacklog all -- * * 0.0.0.0/0 0.0.0.0/0
match-set blacklist src /* BLACKLIST */
But in shorewall-4.5.17 the ipset match dissapeared.
$sudo shorewall show | grep BLACK
0 0 blacklog all -- * * 0.0.0.0/0 0.0.0.0/0
/* BLACKLIST */
0 0 blacklog all -- * * 0.0.0.0/0 0.0.0.0/0
/* BLACKLIST */
0 0 blacklog all -- * * 0.0.0.0/0 0.0.0.0/0
/* BLACKLIST */
0 0 blacklog all -- * * 0.0.0.0/0 0.0.0.0/0
/* BLACKLIST */
I have bisected and found that:
0b5a316cfc287c9d3ab0d964372081ffb67d5751 is the first bad commit
--
Christer
------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite
It's a free troubleshooting tool designed for production
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://p.sf.net/sfu/appdyn_d2d_ap2
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
