Tom Eastep wrote:
> Zachary Palmer wrote:
>
>> I just have no clue how I got
>> this to work before... and honestly, I did... even tested the shaping
>> ability several times.
>>
>
> I don't either -- the bug was introduced in Shorewall 3.2.3 and you were the
> first to bring it to my att
Zachary Palmer wrote:
> I just have no clue how I got
> this to work before... and honestly, I did... even tested the shaping
> ability several times.
I don't either -- the bug was introduced in Shorewall 3.2.3 and you were the
first to bring it to my attention.
-Tom
--
Tom Eastep\ Nothing
> With patch this time...
>
> Zachary Palmer wrote:
>
>
>> Once again, that was working dandy right up until sometime recently,
>> when I presumably did something stupid and broke it. However, I have
>> not touched my firewall configuration since I added those lines and
>> verified that they w
With patch this time...
Zachary Palmer wrote:
>
> Once again, that was working dandy right up until sometime recently,
> when I presumably did something stupid and broke it. However, I have
> not touched my firewall configuration since I added those lines and
> verified that they worked (and qu
Zachary Palmer wrote:
>
> Once again, that was working dandy right up until sometime recently,
> when I presumably did something stupid and broke it. However, I have
> not touched my firewall configuration since I added those lines and
> verified that they worked (and quite successfully, too).
Tom Eastep wrote:
> Zachary Palmer wrote:
>
>> # SSH (with lower priority SCP)
>> 3 0.0.0.0/0 0.0.0.0/0 tcp 22
>> 3 0.0.0.0/0 0.0.0.0/0 tcp - 22
>> 4 0.0.0.0/0 0.0.0.0/0 tcp 22 - -
>> - - 8
>> 4
Zachary Palmer wrote:
>
> # SSH (with lower priority SCP)
> 3 0.0.0.0/0 0.0.0.0/0 tcp 22
> 3 0.0.0.0/0 0.0.0.0/0 tcp - 22
> 4 0.0.0.0/0 0.0.0.0/0 tcp 22 - -
> - - 8
> 4 0.0.0.0/0 0.0.0
I am having a most peculiar problem with Shorewall 3.2.4 on a Debian
Etch firewall. I upgraded to 3.2.4 to get access to the rule-based
matching in tcrules; this has allowed me to quite successfully
discriminate between SSH and SCP packets, prioritizing one and not the
other.
Until today, th