Tom Eastep wrote: > Steven Jan Springl wrote: >> Tom >> >> Tos rule: >> >> lan all tcp - 22 16 >> >> compiles with shorewall-shell but produces the following error when compiled >> with shorewall-perl: >> >> ERROR: Unknown Interface (lan): "lan all tcp >> - 22 16" : /etc/shorewall/tos >> ( line 9 ) >> >> >> Note, the following tos rule also produces the same error: >> > > Steven, > > This is expected -- see the Shorewall-perl documentation.
In particular, this item from the release notes:
h) The /etc/shorewall/tos file now has zone-independent SOURCE and
DEST columns as do all other files except the rules and policy
files.
The SOURCE column may be one of the following:
[all:]<address>[,...]
[all:]<interface>[:<address>[,...]]
$FW[:<address>[,...]]
The DEST column may be one of the following:
[all:]<address>[,...]
[all:]<interface>[:<address>[,...]]
This is a permanent change. The old zone-based rules have never
worked right and this is a good time to replace them. I've tried
to make the new syntax cover the most common cases without
requiring change to existing files. In particular, it will
handle the tos file released with Shorewall 1.4 and earlier.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
