On 25/01/2015 16:25, Tom Eastep wrote: > On 1/25/2015 3:39 AM, Ed W wrote: > >> - I have the following line in mangle: >> >> MARK(|0x8000):P +cp1[2] 0.0.0.0/0 ALL - - - 0/0x8000 >> >> - It gives an error "ERROR: Unknown ipset option (2)...", I presume it's >> not liking the "+cp1[2]" bit? >> >> Any chance of referring me to the relevant bit of the upgrade >> instructions as I assume I'm not reading the ipset options correctly >> now? (Note this was doing something expected in 4.5) > Looks like I managed to break that particular syntax :-( -- patch attached. > > -Tom
Super - thanks Tom. I can confirm that the syntax is at least accepted after using this patch (not tested functionality yet) Can I draw an upgrade issue to your attention: - ran "shorewall update -t" to upgrade an old tcrules - It converts commands "SHELL cat ...." to just "cat ..." - This causes an error due to wrong syntax. It at least doesn't error if I add back the "SHELL" bit (not tested functionality, but presumed ok) It would also be a "nice to have" if comments were preserved as part of this migration process, but hey, this migration thing is really quite magic already, I'm always going to ask for more unicorns! Many thanks for Shorewall! Ed W ------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Shorewall-devel mailing list Shorewall-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-devel
