Re: [Shorewall-devel] Shorewall 4.4.23 RC 2

On Sep 2, 2011, at 5:27 PM, Steven Jan Springl wrote: > > That's fixed the issue. Thanks, Steven I'll post a patch to netfilter-devel tomorrow. -Tom Tom Eastep\ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Wash

Re: [Shorewall-devel] Shorewall 4.4.23 RC 2

On Saturday 03 September 2011 01:10:35 Tom Eastep wrote: > On Sep 2, 2011, at 4:56 PM, Tom Eastep wrote: > > On Sep 2, 2011, at 4:08 PM, Steven Jan Springl wrote: > >> In the attahced config. secmarks contains: > >> > >> RESTORE O:ER - eth0 udp 53 > >> > >> When the following commands are issu

Re: [Shorewall-devel] Shorewall 4.4.23 RC 2

On Sep 2, 2011, at 4:56 PM, Tom Eastep wrote: > On Sep 2, 2011, at 4:08 PM, Steven Jan Springl wrote: >> In the attahced config. secmarks contains: >> >> RESTORE O:ER - eth0 udp 53 >> >> When the following commands are issued: >> >> shorewall start /etc/shorewallT6 >> shorewall safe-restar

Re: [Shorewall-devel] Shorewall 4.4.23 RC 2

On Saturday 03 September 2011 00:56:54 Tom Eastep wrote: > On Sep 2, 2011, at 4:08 PM, Steven Jan Springl wrote: > > Tom > > > > In the attahced config. secmarks contains: > > > > RESTORE O:ER - eth0 udp 53 > > > > When the following commands are issued: > > > > shorewall start /etc/shorewallT

Re: [Shorewall-devel] Shorewall 4.4.23 RC 2

On Sep 2, 2011, at 4:08 PM, Steven Jan Springl wrote: > Tom > > In the attahced config. secmarks contains: > > RESTORE O:ER - eth0 udp 53 > > When the following commands are issued: > > shorewall start /etc/shorewallT6 > shorewall safe-restart /etc/shorewallT6 > > then reply 'n' when pro

Re: [Shorewall-devel] Shorewall 4.4.23 RC 2

Tom In the attahced config. secmarks contains: RESTORE O:ER - eth0 udp 53 When the following commands are issued: shorewall start /etc/shorewallT6 shorewall safe-restart /etc/shorewallT6 then reply 'n' when prompted. The following iptables rule is generated in .safe-iptables: -A OUTPUT

[Shorewall-devel] Shorewall 4.4.23 RC 2

RC 2 is now available for testing (Early RC1 testing on a RedHat-based system with dynamic provider gateways uncovered a couple of debilitating defects in the enable/disable logic). Thank you for testing, -Tom -- Tom Eastep\ When I die, I want to go like my Grandfather who Shoreline,

Re: [Shorewall-devel] problem with 4.4.23-RC1

On Fri, 2011-09-02 at 17:18 +0300, Tuomo Soini wrote: > # /var/lib/shorewall/firewall enable eth2 > Error: either "to" is duplicate, or "\" is a garbage. >ERROR: Command "ip -4 route replace default scope global table 253 \ > nexthop via 213.157.89.54 dev eth1 weight 3\ nexthop via 91.156.0.1 d

[Shorewall-devel] problem with 4.4.23-RC1

# /var/lib/shorewall/firewall enable eth2 Error: either "to" is duplicate, or "\" is a garbage. ERROR: Command "ip -4 route replace default scope global table 253 \ nexthop via 213.157.89.54 dev eth1 weight 3\ nexthop via 91.156.0.1 dev eth2 weight 2 nexthop via 91.156.0.1 dev eth2 weight 2" Fa

Re: [Shorewall-devel] Proposal macro.MAIL

On Wed, 2011-08-31 at 09:41 -0700, Tom Eastep wrote: > > I have mixed feelings about omnibus macros like this; I think they > encourage naive users to open many more ports than are really needed. Agreed > Anyone else have an opinion? > > Do not want. If macro.MAIL is what you want, you can sti