On Thu, Oct 10, 2019 at 6:37 PM Tom Eastep <teas...@shorewall.net> wrote:
> > This other rule seems to work: > > > > ACCEPT lan12,lan13:~00-E3-C0-5F-81-5D > > soc,s100 all > > MAC addresses may only be used in the SOURCE column -- a careful reading > of shorewall-rules(5) should make that clear. In my previous examples, I've always used the MAC addresses only in the SOURCE column. One of my examples was: ACCEPT $FW:~00-E3-C0-5F-81-5D soc,s100 all The MAC addr. is in the SOURCE column. However, I'm getting this error from "shorewall check": ERROR: A MAC address(~00-E3-C0-5F-81-5D) cannot be used in this context Replacing $FW with 'all' yields the same error (in the SOURCE column). Using any other zone does not produce this error message. Vieri _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
