Package: fwbuilder Version: 2.1.8-1+b1 Severity: normal Hello,
I just tried to create a rule which sends all the packages which are not from some specific subnet to a new rule chain. Doing this fwbuilder generates the following code: $IPTABLES -N Cid46A057AE27241.0 $IPTABLES -A INPUT -i inet -d XXX.XX.XXX.XX -j Cid46A057AE27241.0 $IPTABLES -N CHAIN $IPTABLES -A Cid46A057AE27241.0 -s YY.Y.Y.Y/8 -j CHAIN $IPTABLES -A Cid46A057AE27241.0 -j CHAIN As you can see all the packages are send to the CHAIN. It always generates this output, no matter if negation of the source network is enabled or not. I expect the second last rule to look like this: $IPTABLES -A Cid46A057AE27241.0 -s YY.Y.Y.Y/8 -j RETURN Regards, Daniel -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.18-4-xen-amd64 (SMP w/1 CPU core) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages fwbuilder depends on: ii fwbuilder-common 2.1.8-1 Firewall administration tool GUI ( ii fwbuilder-linux [fwbuil 2.1.8-1+b1 Firewall Builder policy compiler(s ii libc6 2.6-2 GNU C Library: Shared libraries ii libfwbuilder7 2.1.8-1+b1 Firewall Builder API library ii libgcc1 1:4.2-20070712-1 GCC support library ii libqt3-mt 3:3.3.7-5 Qt GUI Library (Threaded runtime v ii libsnmp10 5.3.1-7 SNMP (Simple Network Management Pr ii libssl0.9.8 0.9.8e-5+b1 SSL shared libraries ii libstdc++6 4.2-20070712-1 The GNU Standard C++ Library v3 ii libwrap0 7.6.dbs-13 Wietse Venema's TCP wrappers libra ii libx11-6 2:1.0.3-7 X11 client-side library ii libxext6 1:1.0.3-2 X11 miscellaneous extension librar ii libxml2 2.6.29.dfsg-1 GNOME XML library ii libxslt1.1 1.1.21-1 XSLT processing library - runtime fwbuilder recommends no packages. -- no debconf information
signature.asc
Description: Digital signature