Tom 'shorewall show capabilities' indicates that condition match is available.
If I create a capabilities, shorewall allows a condition name to be specified. If the capabilities file does not exist, specifying a condition name produces the following message: ERROR: A non-empty CONDITION column requires Condition Match in your kernel and iptables : /etc/shorewallT6/rules (line 16) ---------------------------------------------------------------------------------------------------------------------------- The rules manual page indicates that inversion may be used in the condition column. Specifying !telnet in the condition column produces the following message: ERROR: Invalid condition name (!telnet) : /etc/shorewallT6/rules (line 16) Steven. ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2dcopy2 _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
