On 5/23/11 6:07 PM, Mr Dash Four wrote: > >> The patch that I posted in response Steven Springl's report may fix this. >> > Yeah, it did. After further testing I found this: > > AllowICMPs(audit) does not produce any audit jumps, but still uses > ACCEPT statements. Similarly, DropUPnP(audit) just DROPs instead of > A_DROP. Same goes for DropDNS(audit) - DROP is the iptables statement > instead of A_DROP.
I didn't expect A_DROPs -- look at the generated rules again. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ vRanger cuts backup time in half-while increasing security. With the market-leading solution for virtual backup and recovery, you get blazing-fast, flexible, and affordable data protection. Download your free trial now. http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
