On 12/22/2017 08:09 AM, Oliver Freyermuth via Shorewall-users wrote: > Dear Shorewallers, > > since the problem is rather pinned down already and easy to reproduce, let me > try with a minimal bugreport - if more info is really needed, just let me > know. > > I am using shorewall 6, version 5.1.9. > > If I specify in "interfaces": > net + dhcp,routeback,optional > then the ACCEPT rules for 546:547 (DHCPv6) are not created(!). > > If I specify: > net eth0 dhcp,routeback,optional > it works fine, and I observe the 546:547 udp rules being created. > > So the problem only exists if the interface is a "+" matching string (also > e.g. "e+" fails). > I'm right now helping myself with a macro.DHCPv6 opening 546:547 udp, which I > just ACCEPT from net. >
You can also work around the problem by changing your interfaces entry to: net all dhcp,routeback,optional,physical=+ -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
