--On Wednesday, January 01, 2003 2:06 AM +0100 Cristian Giussani <[EMAIL PROTECTED]> wrote:
Your first step (removing the UPNP rule from common.def is:I have build a new version of upnpd for bering. The new version is based on linux-igd 0.90; I have also written some instructions on how to use upnpd with shorewall. Take a look at http://www.fastflow.it/floppinux/bering and let me know.
a) Unnecessary -- your ACCEPT rules will be traversed well before the common chain is traversed.
b) Wrong -- You should NEVER modify the common.def file. This is pointed out in the comments at the beginning of the file and is reinforced at http://shorewall.sf.net/shorewall_extension_scripts.htm.
The 'common' chain it traversed after all rules have failed to match and before a DROP or REJECT policy is applied -- the only reason for the DROP rule for UPNP is so your log won't fill up with DROP or REJECT messages if you specify logging on your policy.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.sf.net
Washington USA \ [EMAIL PROTECTED]
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
