On 11/25/2012 03:33 PM, Tom Eastep wrote: > On 11/25/2012 02:50 PM, Steven Jan Springl wrote: >> In the attached config. conntrack entries: >> >> DROP all eth0 udp 1 >> DROP all eth1 udp 1 >> >> produce the following error message: >> >> /var/lib/shorewall/.start: 2242: Syntax error: "}" unexpected (expecting >> "done") > > I'm going to disallow a interface in the DEST column when the chain is > OUTPUT. That restriction also holds in the tcrules file.
It turns out to be fairly simple to allow destination interfaces in the DEST column for OUTPUT chain rules. Commit is 4e401d6f2903cc6798ac59a54c342eeb16d13f65. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
