On 09/25/2013 09:37 AM, Tom Eastep wrote: > On 9/24/2013 2:34 PM, Orion Poplawski wrote: >> I want to be able to serve some mDNS information from our firewall to our >> visitor network. I tried adding the following to our rules: >> >> mDNS(ACCEPT) net:10.11.0.0/24 $FW >> >> shorewall check errors with: >> >> Checking /etc/shorewall/rules... >> ERROR: Unknown destination zone (224.0.0.251) >> /usr/share/shorewall/macro.mDNS (line 16) >> from /etc/shorewall/rules (line 62) >> >> Any idea what is up? > > The way that the macro is written, you may not qualify the SOURCE. You need: > > mDNS(ACCEPT) NET $FW > > -Tom
Hi Tom, Should we be thinking about a rewrite of that macro? Looking at it right now, it doesn't make a lot of sense to me if the destination is the firewall. (e.g. We don't necessarily care that the destination is 224.0.0.251) Or perhaps add another rule specifically using $FW as the destination? I'd be happy to have a shot at it with Orion and get you a patch after he's tested it. Regards, Paul ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
