On 5/23/11 6:24 PM, Mr Dash Four wrote: > >>> Yeah, it did. After further testing I found this: >>> >>> AllowICMPs(audit) does not produce any audit jumps, but still uses >>> ACCEPT statements. Similarly, DropUPnP(audit) just DROPs instead of >>> A_DROP. Same goes for DropDNS(audit) - DROP is the iptables statement >>> instead of A_DROP. >>> >> >> I didn't expect A_DROPs -- look at the generated rules again. >> > Do I look at the generated .start or somewhere else?
Or start the thing and look at 'shorewall show'. You need to follow the rules to where your modified actions are invoked and then see what they invoke. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ vRanger cuts backup time in half-while increasing security. With the market-leading solution for virtual backup and recovery, you get blazing-fast, flexible, and affordable data protection. Download your free trial now. http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
