On Wed, Sep 24, 2014, at 12:37 PM, Tom Eastep wrote: > If ADMINISABSENTMINDED=No, a warning message is issued and the > setting is ignored.
Noted. That leaves me unclear as to why the behavior in my example was 'somewhat' sensitive to the setting. Hm ... > In addition to connections matching entries in stoppedrules, > existing connections continue to work and all new connections from > the firewall system itself are allowed. To sever all existing > connections when the firewall is stopped, install the conntrack > utility and place the command conntrack -F in the stopped user exit > (/etc/shorewall/stopped). Thanks. ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
