Steven Jan Springl wrote: > Tom > > I have doing some further testing of exclusion and I believe I found another > iptables bug. > > If you have the time, could try a shorewall rule similar to the following: > > DNAT lan wan:1.2.3.4:2525 tcp 25 - !4.3.2.2 > > After issuing a shorewall start, /var/lib/shorewall/.iptables-restore-input > should contain the correct rules in the nat and filter tables for the above > rule. > > If you issue an iptables-save, it should show the nat table with the correct > rule, but the entry in the filter table will be missing the "!". > > If you can recreate this bug, I will report it to the netfilter team.
I've also reproduced the problem with iptables 1.4.2. -Tom > > Steven. > > ------------------------------------------------------------------------------ > _______________________________________________ > Shorewall-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-devel -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
