On 09/13/2010 01:26 PM, Steven Jan Springl wrote: > On Monday 13 September 2010 21:18:25 Tom Eastep wrote: >> On 9/13/10 12:29 PM, Steven Jan Springl wrote: >>> Interface entry: >>> >>> rest xyz nets=dynamic,optional >>> >>> produces the following message: >>> >>> iptables-restore v1.4.9.1: Set rest_xyz doesn't exist. >>> >>> Note: Shorewall starts when a host entry such as the following is >>> defined, so I know that ipset is working: >>> >>> z1 eth1:dynamic tcpflags >> >> what does 'fgrep IPSET <compiled script>' produce, Steven?
> See attached file.
Steven,
I can't understand why z1_eth1 would be created and rest_xyz would not; the
lines that create the two sets if they don't exist should be adjacent in the
script.
qt $IPSET -L rest_xyz -n || $IPSET -N rest_xyz iphash
qt $IPSET -L z1_eth1 -n || $IPSET -N z1_eth1 iphash
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
