On 9/22/2014 5:59 PM, jone...@teksavvy.com wrote: > Hello, > > For advanced TC, only tcrules can be different regarding IPv4/IPv6 > because tcrules can contain IP addresses. So far, what I observed is > that an IPv6 rule must be processed by shorewall6. Which would make > sense. What I'm not sure about though, is that the 'IPv6 Support' says > that when using TC with both, that one side must be disabled by having > TC_ENABLED=No and TC_CLEAR=No in that side. > > So if there are both IPv4 and IPv6 tcrules used, does this mean that, > for instance the IPv6 side is disabled and then shorewall AND > shorewall6 ae run and the IPv6 tcrules will be processed even though it > is marked disabled in shorewall6.conf ? As you see, I'm not sure how > it goes. Any help much appreciated.
The tcrules file is processed regardless of the settings of TC_ENABLED and TC_CLEAR. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users