Srinivasa Hebbar wrote: > Thanks Roberto, > > For now, I will prepend the interface name for each comma seperated IP > addresses. But, when I move to newer shorewall (perl), will it be compatible? > How shorewall-perl behaves when I include interface name for each > of the comma seperated IP addresses?
Shorewall-perl doesn't accept that syntax:
~/Configs/two-interfaces/rules:
#ACTION SOURCE DEST PROTO DEST SOURCE
ORIGINAL RATE USER/ MARK
# PORT PORT(S)
DEST LIMIT GROUP
ACCEPT net:eth0:192.168.1.3,eth0:192.168.1.5\
fw tcp 22
[EMAIL PROTECTED]:~/Configs/two-interfaces> shorewall check -e .
Checking...
ERROR: Unknown Host (eth0:192.168.1.3) :
/home/teastep/Configs/two-interfaces/rules (line 20)
[EMAIL PROTECTED]:~/Configs/two-interfaces>
So this is one more case where Shorewall-shell and Shorewall-perl are
incompatible.
-tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
