Eric Wolzak wrote:
> 
> Hello Larry, Jacques, list
> 
> Larry, Jacques already answered your question, but just to explain
> why this is done.
> > > Is it just my copy view firewall rules that only has zero for packets and
> > > bytes fields?
> >
> > Ok. So it's because you are viewing your firewall rules through weblet.
> > When Shorewall is started, the following /etc/shorewall/start script is
> > executed.
> > <BOF>
> > shorewall show >/var/sh-www/data/firewall
> > chown sh-httpd.adm /var/sh-www/data/firewall
> > shorewall show nat >/var/sh-www/data/masq
> > chown sh-httpd.adm /var/sh-www/data/masq
> > <EOF>
> > the firewall & masq files are the ones you see through weblet.
> > Since this is executed at the very beginning of the session it is normal
> > that you find zeros for packets and bytes fields.
> As root you can do iptables -L ....etc.
> or using shorewall shorewall show which is in effect the same.
> 
> The problem with the weblet is that weblet runs as a non-privileged
> user and so is not allowed to execute iptables.
> 
> To be able to view the rules anyway, I decided to use a "dump" of
> the firewall rules by the firewall script at the end of the startup.
> And then change the permissions of this file.
> You could alternatively of course let weblet run as root (security item)
> or call the shorewall show by a cron job.
> Perhaps I should filter the number of bytes and packages out to
> avoid the confusion.

What about outsourcing the necessary code to another (setuid) script and
then weblet running it?

-- 

Best Regards,

mds
mds resource
888.250.3987

Dare to fix things before they break . . .

Our capacity for understanding is inversely proportional to how much we
think we know.  The more I know, the more I know I don't know . . .

_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
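
The setuid helper suggested in the reply above, written out as an added example (not code from LEAF, Shorewall or weblet). Linux ignores the setuid bit on interpreted scripts, so the helper is a small C binary that accepts only two fixed view names and passes no caller-supplied text or environment to the command. The binary name `fwview`, the view names and the `/sbin/shorewall` path are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Assumed install path of the shorewall script; adjust for the system. */
#define SHOREWALL "/sbin/shorewall"

/* Map a requested view to a fixed argv. Returns 0 on success, -1 for
 * anything not on the allowlist. The caller's string is only compared,
 * never copied into the command line. */
int build_argv(const char *view, const char *argv_out[4])
{
    if (view == NULL)
        return -1;
    argv_out[0] = SHOREWALL;
    argv_out[1] = "show";
    argv_out[2] = NULL;
    argv_out[3] = NULL;
    if (strcmp(view, "firewall") == 0)
        return 0;                 /* shorewall show     */
    if (strcmp(view, "masq") == 0) {
        argv_out[2] = "nat";      /* shorewall show nat */
        return 0;
    }
    return -1;
}

int main(int argc, char **argv)
{
    const char *cmd[4];
    /* Fixed environment: nothing is inherited from the web server. */
    char *const envp[] = { "PATH=/sbin:/bin:/usr/sbin:/usr/bin", NULL };

    if (argc != 2 || build_argv(argv[1], cmd) != 0) {
        fprintf(stderr, "usage: fwview firewall|masq\n");
        return 2;
    }
    /* Set the real ids to root as well: some shells (bash, for one)
     * drop privileges when real and effective uid differ. */
    if (setgid(0) != 0 || setuid(0) != 0) {
        perror("fwview: cannot become root");
        return 1;
    }
    execve(SHOREWALL, (char *const *)cmd, envp);
    perror("fwview: execve");
    return 1;
}
```

Installed root-owned with mode 4750 and a group that contains only the weblet user, the helper can be run by weblet and by no other unprivileged account.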
