Re: [Shorewall-users] Shorewall 3.2.4 tcrules: SCP/SSH distinction stopped working

2006-11-03 Thread Zachary Palmer
Tom Eastep wrote: > Zachary Palmer wrote: > >> I just have no clue how I got >> this to work before... and honestly, I did... even tested the shaping >> ability several times. >> > > I don't either -- the bug was introduced in Shorewall 3.2.3 and you were the > first to bring it to my att

Re: [Shorewall-users] Shorewall 3.2.4 tcrules: SCP/SSH distinction stopped working

2006-11-03 Thread Tom Eastep
Zachary Palmer wrote: > I just have no clue how I got > this to work before... and honestly, I did... even tested the shaping > ability several times. I don't either -- the bug was introduced in Shorewall 3.2.3 and you were the first to bring it to my attention. -Tom -- Tom Eastep\ Nothing

Re: [Shorewall-users] Shorewall 3.2.4 tcrules: SCP/SSH distinction stopped working

2006-11-02 Thread Zachary Palmer
> With patch this time... > > Zachary Palmer wrote: > > >> Once again, that was working dandy right up until sometime recently, >> when I presumably did something stupid and broke it. However, I have >> not touched my firewall configuration since I added those lines and >> verified that they w

Re: [Shorewall-users] Shorewall 3.2.4 tcrules: SCP/SSH distinction stopped working

2006-11-02 Thread Tom Eastep
With patch this time... Zachary Palmer wrote: > > Once again, that was working dandy right up until sometime recently, > when I presumably did something stupid and broke it. However, I have > not touched my firewall configuration since I added those lines and > verified that they worked (and qu

Re: [Shorewall-users] Shorewall 3.2.4 tcrules: SCP/SSH distinction stopped working

2006-11-02 Thread Tom Eastep
Zachary Palmer wrote: > > Once again, that was working dandy right up until sometime recently, > when I presumably did something stupid and broke it. However, I have > not touched my firewall configuration since I added those lines and > verified that they worked (and quite successfully, too).

Re: [Shorewall-users] Shorewall 3.2.4 tcrules: SCP/SSH distinction stopped working

2006-11-02 Thread Tom Eastep
Tom Eastep wrote: > Zachary Palmer wrote: > >> # SSH (with lower priority SCP) >> 3 0.0.0.0/0 0.0.0.0/0 tcp 22 >> 3 0.0.0.0/0 0.0.0.0/0 tcp - 22 >> 4 0.0.0.0/0 0.0.0.0/0 tcp 22 - - >> - - 8 >> 4

Re: [Shorewall-users] Shorewall 3.2.4 tcrules: SCP/SSH distinction stopped working

2006-11-02 Thread Tom Eastep
Zachary Palmer wrote: > > # SSH (with lower priority SCP) > 3 0.0.0.0/0 0.0.0.0/0 tcp 22 > 3 0.0.0.0/0 0.0.0.0/0 tcp - 22 > 4 0.0.0.0/0 0.0.0.0/0 tcp 22 - - > - - 8 > 4 0.0.0.0/0 0.0.0

[Shorewall-users] Shorewall 3.2.4 tcrules: SCP/SSH distinction stopped working

2006-11-01 Thread Zachary Palmer
I am having a most peculiar problem with Shorewall 3.2.4 on a Debian Etch firewall. I upgraded to 3.2.4 to get access to the rule-based matching in tcrules; this has allowed me to quite successfully discriminate between SSH and SCP packets, prioritizing one and not the other. Until today, th