Tom.
When the accounting file contains:
DONE - eth0 eth1 udp 555,666
(both eth0 and eth1 are ports on bridge br0)
the following iptables rule is generated:
-A accounting -p 17 -m multiport --dports 555,666 -i br0 -m
physdev --physdev-in eth0 -o br0 -m physdev --physdev-out eth1 -j RETURN
which produces the following messages:
iptables-restore: line 341 failed
ERROR: iptables-restore Failed. Input is
in /var/lib/shorewall/.iptables-restore-input
/sbin/shorewall: line 347: 12488 Terminated ${VARDIR}/.start
$debugging start
Additionally the following message is also produced:
physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING
chains for non-bridged traffic is not supported anymore.
Note: this last message is produced for every iptables rule that contains
a --physdev-out parameter, but iptables-restore normally works.
Steven.
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
