Tom
When a rule that specifies source port 0 or destination port 0 calls a macro the source port and destination ports in the macro are not overridden. E.G. rule: sjs/ACCEPT $FW $L3 tcp 0 0 macro sjs: PARAM - - tcp 22 10 generates iptables-rule: -A fw2lan -p 6 --dport 22 --sport 100 -d 192.168.0.3 -j ACCEPT Steven. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
