On 04/09/2013 09:10 AM, Mr Dash Four wrote: > >>> Erm, you've lost me. >>> >>> On one hand you are "requiring protocol and port numbers", but on the >>> other "the only columns that are required are SOURCE and DEST" - that's >>> a bit contradictory. So to just make it clear - if I specify "INLINE $FW >>> net ; -p tcp --dport 1234 -m mickey-mouse --name foo -j SECCTX --name >>> foo2" or "INLINE $FW net ; -j SECCTX --name foo2", would that be OK with >>> shorewall (provided I've included "SECCTX builtin" in my "actions", of >>> course)? >>> >>> >> >> Sorry -- I'm trying to do 12 things at once. I am *not* requiring any >> columns except SOURCE and DEST. Your examples would work fine. >> > Got it. You are not the only one with that particular problem though and > I sympathise with you completely. > > I have one last query for you: if I specify "INLINE $FW net tcp 1234 ; > -p udp --dport 1235 -j SECCTX --name foo" what would happen? Would > shorewall issue an error, or would shorewall process one statement over > the other (which one?) and issue a warning?
That will generate an error. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________ Shorewall-devel mailing list Shorewall-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-devel
