> The Shorewall team is pleased to announce the availability of Shorewall > 4.6.0.
Hi Tom and all, Thanks for the new release! I found an issue I'm not sure how to solve, sorry for finding it only now that the release is out. I was having this in my tcrules file: # # fix udp checksums for dhclient on local KVM guests # CHECKSUM:T $FW 0.0.0.0/0 udp bootpc I converted it using "shorewall update -t" and it gave me this in mangle: CHECKSUM:T fw 0.0.0.0/0 udp bootpc On restart I got Checking /etc/shorewall/mangle... ERROR: Rules with SOURCE $FW must use the OUTPUT chain /etc/shorewall/mangle (line 33) Now, I've just removed :T like so CHECKSUM fw 0.0.0.0/0 udp bootpc Now I get this: Running /sbin/iptables-restore... iptables-restore v1.4.7: CHECKSUM target: Parameter --checksum-fill is required Error occurred at line: 41 Try `iptables-restore -h' or 'iptables-restore --help' for more information. ERROR: iptables-restore Failed. Input is in /var/lib/shorewall/.iptables-restore-input and line 41 is: -A tcout -p 17 --dport 68 -j CHECKSUM The --checksum-fill is really missing somehow. Is my config wrong or is it a bug? BTW, you may want to add the cosmetic fxes below. Thanks a lot and sorry for the spaghetti bug report. Simon --- shorewall-4.6.0.0-1.el5.noarch/etc/shorewall/mangle.orig 2014-05-15 17:20:10.000000000 +0200 +++ shorewall-4.6.0.0-1.el5.noarch/etc/shorewall/mangle 2014-05-16 10:52:02.000000000 +0200 @@ -1,7 +1,7 @@ # # Shorewall version 4 - Mangle File # -# For information about entries in this file, type "man shorewall-tcrules" +# For information about entries in this file, type "man shorewall-mangle" # # See http://shorewall.net/traffic_shaping.htm for additional information. # For usage in selecting among multiple ISPs, see [simix@wurro Z]$ diff -Nau shorewall6-4.6.0.0-1.el5.noarch/etc/shorewall6/mangle.orig shorewall6-4.6.0.0-1.el5.noarch/etc/shorewall6/mangle --- shorewall6-4.6.0.0-1.el5.noarch/etc/shorewall6/mangle.orig 2014-05-15 17:20:10.000000000 +0200 +++ shorewall6-4.6.0.0-1.el5.noarch/etc/shorewall6/mangle 2014-05-16 10:51:45.000000000 +0200 @@ -1,7 +1,7 @@ # # Shorewall6 version 4 - Mangle File # -# For information about entries in this file, type "man shorewall6-tcrules" +# For information about entries in this file, type "man shorewall6-mangle" # # See http://shorewall.net/traffic_shaping.htm for additional information. # For usage in selecting among multiple ISPs, see ------------------------------------------------------------------------------ "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available Simple to use. Nothing to install. Get started now for free." http://p.sf.net/sfu/SauceLabs _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
