On Wed, 2017-12-20 at 10:20 -0800, Tom Eastep wrote:
> On 12/20/2017 09:33 AM, Brian J. Murrell wrote:
> >
> > Compiling /etc/shorewall6/gw-Reboot/rules...
> > ERROR: Unknown destination zone (&{INT_SRV_ALL_DSTS})
> > /usr/share/shorewall/macro.Auth (line 9)
> > from /etc/shorewall6/gw-Reboot/rules (line 83)
> >
> > I have tried simplifying and assigning INT_SRV_ALL_DSTS directly
> > with
> > the much more simple:
> >
> > INT_SRV_ALL_DSTS=loc:2607:1234:5678:cd00::2,2001:5432:9876:6700::2,
> > 2001:bad:beef::2
>
> Two problems:
>
> a) You need to specify a destination zone; that's why you are getting
> the error.I thought I did. It is "loc" in "INT_SRV_ALL_DSTS=loc:...". > b) Once you fix that, you will still get an error because each > runtime > address variable may hold exactly *one* ip address. Hrm. Run-time variables are not going to be the solution here then I guess. Unless there is a technique I'm not seeing. I suppose I could use an ipset for this sort of thing where some extension script builds the ipset contents on [re-]start. Cheers, b.
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
