Steven, On 1/5/13 8:55 AM, Steven Jan Springl wrote:
> Confirmed, the patches have fixed both issues.
Thanks.
>
> Note, there seems to be a bug in arptables.
>
> Arprules entry:
>
> DROP eth0 - !1
>
> Generates arptables rule:
>
> -A INPUT -i eth0 --opcode ! 1 -j DROP
>
> Issuing arptables-save produces:
>
> -A INPUT -j DROP -i eth0 --opcode 1
>
> The "!" is missing.
>
> I am using arptables v0.0.3.4 supplied with Debian Squeeze.
It seems to be dropped while processing the -A command, as the -L
command also shows no '!':
root@gateway:~# arptables -A foo -j RETURN --opcode ! 1
root@gateway:~# arptables -L foo -n -v
Chain foo (0 references)
-j RETURN -i * -o * --opcode 1 , pcnt=0 -- bcnt=0
root@gateway:~# arptables -V
arptables v0.0.3.4
root@gateway:~#
arptables_jf seems to work correctly:
[root@sami ~]# arptables -N foo
[root@sami ~]# arptables -A foo -j RETURN --arpop ! 1
[root@sami ~]# arptables -L foo -n -v
Chain foo (0 references)
pkts bytes target in out source-ip
destination-ip source-hw destination-hw hlen op
hrd pro
0 0 RETURN * * 0.0.0.0/0 0.0.0.0/0
00/00 00/00 any !0001
0000/0000 0000/0000
[root@sami ~]#
Are you submitting a Debian bug report?
Thanks,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122912
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
