On 07/06/2017 04:11 AM, Vieri Di Paola via Shorewall-users wrote: > > ________________________________ > From: Tom Eastep <[email protected]> >> >> I see that you are using interface names as the SOURCE in your >> masquerade/snat rules. That has been deprecated for years (and generates >> warnings during compilation). > > > I've been using Shorewall since 2002/2003. I always used the "masq" file > until now. > The warning didn't bother me much because it says that the interface must be > up and configured beforehand. > > > My /etc/shorewall/snat includes another file. > > # cat /etc/shorewall/snat > ?IF $FW_TYPE > > INCLUDE /SAMBA/${FW_TYPE}_extra/snat.FHM > > ?ENDIF >
This is why, with AUTOMAKE=Yes, 'check' can fail but 'start' succeeds.
With AUTOMAKE=Yes, /sbin/shorewall looks at the directories named in
CONFIG_PATH and it runs the compiler only if it finds one newer than
/var/lib/shorewall/firewall. I assume that /SAMBA/${FW_TYPE}_extra/ is
not on the CONFIG_PATH...
-Tom
--
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't
http://shorewall.org \ understand
\_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
