On 4/7/13 4:21 PM, "Mr Dash Four" <mr.dash.f...@googlemail.com> wrote:
>Is there a possibility to include 'raw' iptables statements directly
>(the stuff which goes after "-A <chain>") by shorewall? For example,
>specifying something like INLINE('-m <match 1> <match 1 parameters> -m
><match 2> <match 2 parameters> [...] -j ACCEPT'), which shorewall takes
>and inserts after the appropriate "-A" and chain arguments without any
>modification. Obviously, I understand that optimisation of such
>statements will be non-existent, but I am willing to take that hit.
>
>The reason I ask for this is because I have quite a lot of new features
>which by the looks of things and also judging by the snail-pace with
>which these are adopted (or not) by netfilter 'core' team it takes
>absolute ages to get mainline. In the meantime I need these for my own
>machines and need to be able to deploy them as quickly as possible.
>
>Currently, I have only your postcompile feature to work with Tom, but
>that isn't always the most easy thing to do or the most
>practical/straight forward. Thanks.
Are there particular Shorewall configuration files that you require this
feature in?
-Tom
You do not need a parachute to skydive. You only need a parachute to
skydive twice.
------------------------------------------------------------------------------
Minimize network downtime and maximize team effectiveness.
Reduce network management and security costs.Learn how to hire
the most talented Cisco Certified professionals. Visit the
Employer Resources Portal
http://www.cisco.com/web/learning/employer_resources/index.html
_______________________________________________
Shorewall-devel mailing list
Shorewall-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
