Re: [Shorewall-users] Shorewall 4.6.4.3 on Debian & ipsets

Tue, 06 Feb 2018 11:40:44 -0800 

On 06/02/2018 17:38, Nicola Ferrari (#554252) wrote:
> Hi list!
> 


I'm sorry guys.. In the previous message I forgot to mention that
"shorewall show capabilities" gives me the following output:


Shorewall has detected the following iptables/netfilter capabilities:
   ACCOUNT Target (ACCOUNT_TARGET): Available
   Address Type Match (ADDRTYPE): Available
   Amanda Helper: Available
   Arptables JF: Not available
   AUDIT Target (AUDIT_TARGET): Available
   Basic Ematch (BASIC_EMATCH): Available
   Basic Filter (BASIC_FILTER): Available
   Capabilities Version (CAPVERSION): 40600
   Checksum Target: Available
   CLASSIFY Target (CLASSIFY_TARGET): Available
   Comments (COMMENTS): Available
   Condition Match (CONDITION_MATCH): Available
   Connection Tracking Match (CONNTRACK_MATCH): Available
   Connlimit Match (CONNLIMIT_MATCH): Available
   Connmark Match (CONNMARK_MATCH): Available
   CONNMARK Target (CONNMARK): Available
   CT Target (CT_TARGET): Available
   DSCP Match (DSCP_MATCH): Available
   DSCP Target (DSCP_TARGET): Available
   Enhanced Multi-port Match (EMULIPORT): Available
   Extended Connection Tracking Match Support (NEW_CONNTRACK_MATCH):
Available
   Extended Connmark Match (XCONNMARK_MATCH): Available
   Extended CONNMARK Target (XCONNMARK): Available
   Extended MARK Target 2 (EXMARK): Available
   Extended MARK Target (XMARK): Available
   Extended Multi-port Match (XMULIPORT): Available
   Extended REJECT (ENHANCED_REJECT): Available
   FLOW Classifier (FLOW_FILTER): Available
   FTP-0 Helper: Not available
   FTP Helper: Available
   fwmark route mask (FWMARK_RT_MASK): Available
   Geo IP match: Not available
   Goto Support (GOTO_TARGET): Available
   H323 Helper: Available
   Hashlimit Match (HASHLIMIT_MATCH): Available
   Header Match (HEADER_MATCH): Not available
   Helper Match (HELPER_MATCH): Available
   IMQ Target (IMQ_TARGET): Not available
   IPMARK Target (IPMARK_TARGET): Available
   IPP2P Match (IPP2P_MATCH): Available
   IP range Match(IPRANGE_MATCH): Available
   ipset V5 (IPSET_V5): Available
   iptables -S (IPTABLES_S): Available
   IRC-0 Helper: Not available
   IRC Helper: Available
   Kernel Version (KERNELVERSION): 31600
   LOGMARK Target (LOGMARK_TARGET): Available
   LOG Target (LOG_TARGET): Available
   Mangle FORWARD Chain (MANGLE_FORWARD): Available
   Mark in the filter table (MARK_ANYWHERE): Available
   MARK Target (MARK): Available
   MASQUERADE Target: Available
   Multi-port Match (MULTIPORT): Available
   NAT (NAT_ENABLED): Available
   Netbios_ns Helper: Available
   New tos Match: Available
   NFAcct match: Not available
   NFLOG Target (NFLOG_TARGET): Available
   NFQUEUE Target (NFQUEUE_TARGET): Available
   Owner Match (OWNER_MATCH): Available
   Owner Name Match (OWNER_NAME_MATCH): Available
   Packet length Match (LENGTH_MATCH): Available
   Packet Mangling (MANGLE_ENABLED): Available
   Packet Type Match (USEPKTTYPE): Available
   Persistent SNAT (PERSISTENT_SNAT): Available
   Physdev-is-bridged Support (PHYSDEV_BRIDGE): Available
   Physdev Match (PHYSDEV_MATCH): Available
   Policy Match (POLICY_MATCH): Available
   PPTP Helper: Available
   Rawpost Table (RAWPOST_TABLE): Not available
   Raw Table (RAW_TABLE): Available
   Realm Match (REALM_MATCH): Available
   Recent Match "--reap" option (REAP_OPTION): Available
   Recent Match (RECENT_MATCH): Available
   Repeat match (KLUDGEFREE): Available
   RPFilter match: Available
   SANE-0 Helper: Not available
   SANE Helper: Available
   SIP-0 Helper: Not available
   SIP Helper: Available
   SNMP Helper: Available
   Statistic Match (STATISTIC_MATCH): Available
   TCPMSS Match (TCPMSS_MATCH): Available
   TFTP-0 Helper: Not available
   TFTP Helper: Available
   Time Match (TIME_MATCH): Available
   TPROXY Target (TPROXY_TARGET): Available
   UDPLITE Port Redirection: Not available
   ULOG Target (ULOG_TARGET): Available


Thanks again!
Nick

-- 
+---------------------+
| Linux User  #554252 |
+---------------------+


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to