On 9/7/10 3:27 PM, Mr Dash Four wrote: > The rpm you last sent me (two days ago I think it was) did not work as > this was one of the first things I tried (I do like this feature as it > gives me an instant indication of 'my' code when I look at the chains, > rather than the generated stuff from iptables/Shorewall) - it gave me an > error during compilation: insufficient number of columns/parameters or > something.
That must not have been the second RPM I sent -- I just installed the second one (taken from my mailer's 'sent' log) on a SuSE box and tested with the following nonsense secmarks file: COMMENT foo a:b:c I:N lo 127.0.0.1 tcp 3306 COMMENT And it generated this iptables-restore input: -A tcin -m conntrack --ctstate NEW -p 6 --dport 3306 -i lo -d 127.0.0.1 -j SECMARK --selctx a:b:c -m comment --comment "foo" > No worries, just let me know and I'll give it a go again. I would appreciate getting a copy of your finished secmarks configuration so I can include it as an example on the web site and in the document packages. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF.net Dev2Dev email is sponsored by: Show off your parallel programming skills. Enter the Intel(R) Threading Challenge 2010. http://p.sf.net/sfu/intel-thread-sfd
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
