The 'detectnets' interface option has always been a rather silly feature. For incoming packets, it duplicates the function of the 'routefilter' option. It provides no value on output since it enforces the same thing that the routing table does. In other words, if you set 'routefilter' and 'log_martians' you get the same effect.
I've decided to remove the 'detectnet' option from future versions of Shorewall-perl. Shorewall-perl 4.0.4 will issue a warning message that the option is going away; Shorewall-perl will issue a warning message that support for the option has been dropped. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
