On 9/11/10 9:06 AM, Tom Eastep wrote: > On 9/11/10 7:40 AM, Steven Jan Springl wrote: > >> tcrules entry: >> >> SAME:P 192.168.120.0/24 0.0.0.0 >> >> produces the following messages: >> >> iptables v1.4.9.1: Cannot use -A with -A >> >> ERROR: Command "/usr/local/sbin/iptables -A setsticky -A -s >> 192.168.120.0/24 -d 0.0.0.0 -m mark --mark 0x1/0xff -m recent --name >> sticky001 --set" Failed > > Steven, > > Commit dbc9f6ac8fa164a157239401af87fbf51f29ecd2 corrects this problem. > The fix was only 5 lines but it took me quite a while to locate the > proper 5 lines :-)
There were actually two defects. The first is the one you found. After I corrected that one, then OPTIMIZE=15 generated invalid iptables input. I just corrected the case where SAME is used with SOURCE $FW; that's commit 367fc041b8b34deb60bc6bdd821a9de5333f2c06. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
