On 7/7/2015 2:31 PM, Thomas D. wrote: > Hi Tom, > >> New Features: >> >> 1) Over the years, a number of changes have been added to Shorewall >> that work around defects in other products. When running a current >> distribution, these workarounds are unnecessary and add to the time >> required for normal Shorewall operations. >> >> Beginning in this release, those workarounds may be disabled by >> setting WORKAROUNDS=No in shorewall.conf. > I run > > # shorewall update -A > Updating...... > Processing /etc/shorewall/params ... > Processing /etc/shorewall/shorewall.conf... > No update required to configuration file /etc/shorewall/shorewall.conf; > /etc/shorewall/shorewall.conf.bak not saved > Loading Modules... > Converting 'FORMAT' and 'COMMENT' lines to compiler directives... > Checking /etc/shorewall/zones... > Checking /etc/shorewall/interfaces... > Determining Hosts in Zones... > Locating Action Files... > Checking /etc/shorewall/policy... > Running /etc/shorewall/initdone... > Adding Anti-smurf Rules > Adding rules for DHCP > Checking TCP Flags filtering... > Checking Kernel Route Filtering... > Checking Martian Logging... > Checking MAC Filtration -- Phase 1... > Checking /etc/shorewall/rules... > Checking /etc/shorewall/conntrack... > Checking MAC Filtration -- Phase 2... > Applying Policies... > Checking /usr/share/shorewall/action.Reject for chain Reject... > Checking /usr/share/shorewall/action.Broadcast for chain Broadcast... > Shorewall configuration verified > > # grep -i work /etc/shorewall/shorewall.conf > > I expected to see "WORKAROUNDS" in shorewall.conf. Is that wrong? Hi Thomas,
I'm not able to reproduce that issue: teastep@teastep-envy ~/shorewall/test/two-interfaces $ fgrep WORKAROUNDS shorewall.conf teastep@teastep-envy ~/shorewall/test/two-interfaces $ shorewall update . Updating...... Processing /etc/shorewall/params ... Processing /home/teastep/shorewall/test/two-interfaces/shorewall.conf... Configuration file /home/teastep/shorewall/test/two-interfaces/shorewall.conf updated - old file renamed /home/teastep/shorewall/test/two-interfaces/shorewall.conf.bak Checking /home/teastep/shorewall/test/two-interfaces/zones... Checking /home/teastep/shorewall/test/two-interfaces/interfaces... Determining Hosts in Zones... Locating Action Files... Checking /home/teastep/shorewall/test/two-interfaces/policy... Adding Anti-smurf Rules Adding rules for DHCP Checking TCP Flags filtering... Checking Kernel Route Filtering... Checking Martian Logging... Checking Accept Source Routing... Checking /home/teastep/shorewall/test/two-interfaces/masq... Checking MAC Filtration -- Phase 1... Checking /home/teastep/shorewall/test/two-interfaces/rules... Checking /etc/shorewall/conntrack... Checking MAC Filtration -- Phase 2... Applying Policies... Checking /usr/share/shorewall/action.Reject for chain Reject... Checking /usr/share/shorewall/action.Broadcast for chain Broadcast... Checking /usr/share/shorewall/action.Drop for chain Drop... Checking /home/teastep/shorewall/test/two-interfaces/stoppedrules... Shorewall configuration verified teastep@teastep-envy ~/shorewall/test/two-interfaces $ fgrep WORKAROUNDS shorewall.conf WORKAROUNDS=Yes teastep@teastep-envy ~/shorewall/test/two-interfaces Did the updated shorewall.conf file get installed and where did it get installed? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
