On 5/26/11 4:08 PM, Mr Dash Four wrote: > >> Thank you for testing, >> -Tom >> > I have just noticed that on all my blacklst and blackout jumps (in > net2fw, fw2net etc) I have this (using fw2net as an example, but it is > the same for net2fw etc): > > 0 0 blackout all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW > > This wasn't there before, I don't think! I looked at .start and the > statement which creates this is as follows: > > -A fw2net -m conntrack --ctstate NEW,INVALID -j blackout > > Is this something recently introduced or have I messed things up somehow?
It was added when I added the in and out options to the blacklist file. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ vRanger cuts backup time in half-while increasing security. With the market-leading solution for virtual backup and recovery, you get blazing-fast, flexible, and affordable data protection. Download your free trial now. http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
