On 04/09/2013 12:41 AM, Tom Eastep wrote: > On 4/8/13 3:11 PM, "Farkas Levente" <lfar...@lfarkas.org> wrote: > >> On 04/08/2013 11:56 PM, Tom Eastep wrote: >>> On 4/8/13 11:56 AM, "Farkas Levente" <lfar...@lfarkas.org> wrote: >>> >>>> hi, >>>> in a master shorewall-lite setup before 4.5 it was possible to out such >>>> a line into params (on the master): >>> >>> Which Shorewall version were you using previously? >>> >>>> >>>> INCLUDE ../common/params >>>> >>>> it's no longer possible since it gives this error: >>>> >>>> /usr/share/shorewall/lib.common: line 708: >>>> /etc/shorewall/../common/params: No such file or directory >>>> >>>> even if i try to create a symlink to ../common/params as params.common >>>> and >>>> >>>> INCLUDE params.common >>>> >>>> /usr/share/shorewall/lib.common: line 708: >>>> /etc/shorewall/params.common: >>>> No such file or directory >>>> >>>> so not even relative path neither local files can be included. imho >>>> it's >>>> a regression since it was possible before. >>>> >>>> another note that it would be a good think in a master-lite setup to >>>> check the master and lite shorewall version and if they are not >>>> "compatible" (means whatever the "compatible"). eg: 4.5.4 and 4.5.14 >>>> are >>>> not compatible:-( >>> >>> I know of no incompatibility issues between versions of Shorewall and >>> Shorewall-lite. What compatibility problem are you seeing? >> >> different type of capabilities generated which can't be handled by the >> master (lite was 4.5.14 master 4.5.4), > > Those just generate warnings -- they are not real incompatibilities. > >> but i assume many other things >> can happened. eg: tos file no longer working as in 4.4. >> this was my previous tos file: >> >> all all tcp - ssh 16 >> all all tcp ssh - 16 >> all all tcp - ftp 16 >> all all tcp ftp - 16 >> all all tcp ftp-data - 8 >> all all tcp - ftp-data 8 >> all all tcp rsync - 8 >> all all tcp - rsync 8 >> >> which now gives iptables error. Etc > > I fail to see how different versions of Shorewall and Shorewall-lite have > anything to do with that.
it's just another example when something goes wrong (which was working in 4.4): Running /sbin/iptables-restore... iptables-restore v1.3.5: Bad TOS value `0x10/0xff' Error occurred at line: 32 Try `iptables-restore -h' or 'iptables-restore --help' for more information. ERROR: iptables-restore Failed. Input is in /var/lib/shorewall-lite/.iptables-restore-input Restoring Shorewall Lite... -- Levente "Si vis pacem para bellum!" ------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
