Hi Tom, --- Tom Eastep <[EMAIL PROTECTED]> wrote:
> Tom Eastep wrote: > > Tom Eastep wrote: > >> Christian Schneider wrote: > >> > >>> > >>> Could you remove that check for norfc1918 > options on interfaces with > >>> rfc1918 addresses, Tom, please? > >> > >> Remove it yourself! All of the HOWTOs make a > point of that issue and > >> if you just remove the 'norfc1918' option as the > HOWTOs direct in > >> cases like this, then you won't have this issue. > > > > As an aside, Shorewall-perl 4.2 drops the > 'norfc1918' option. > > Not quite true -- I looked at the 4.2.0-Beta1 code > again and it deprecates > the 'norfc1918' option and it only gives a warning > if the option is > specified on an interface with an RFC-1918 address. > > The bottom line is that the 'norfc1918' option was > probably a bad idea to > begin with, it is going away, and I recommend > against using it. Why is it such a bad idea? I remember when I didn't use it my firewalls would get hammered with those rfc1918 spoofed addresses. Regards, Michael. > -Tom > -- > Tom Eastep \ Nothing is foolproof to a > sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ [EMAIL PROTECTED] > PGP Public Key \ > https://lists.shorewall.net/teastep.pgp.key > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio > 2008. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/> _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > Get the name you always wanted with the new y7mail email address. www.yahoo7.com.au/mail ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
