> Yep, that did the trick. I am going to do a (very) light testing and
> will continue tomorrow as I ran out of time...

1.
rules
~~~~~
INLINE $FW net ; -m mickey-mouse --name test

produces:
[...]
:INLINE - [0:0]
[...]
-A INLINE -m mickey -mouse --name test

2.
rules
~~~~~
INLINE $FW:10.1.1.1 net:+mickey-mouse ; -m mickey-mouse --name test

produces:
[...]
:INLINE - [0:0]
[...]
-A fw2net -j INLINE
-A fw2net -s 10.1.1.1 -m set --match-set mickey-mouse dst -j INLINE

Ignoring the above lines, shouldn't I get an error instead?

3.
rules
~~~~~
INLINE $FW net tcp ; --dport 1234 -m mickey-mouse --name test

produces:
[...]
:INLINE - [0:0]
[...]
-A INLINE --dport 1234 -m mickey -mouse --name test

4.
rules
~~~~~
INLINE $FW net tcp - ; -p 17 --dport 2345 -j SECCTX --name test

produces:
[...]
:INLINE - [0:0]
[...]
-A INLINE -p 17 --dport 2345 -j SECCTX --name test

5.
rules
~~~~~
INLINE $FW net - - ; -j SECCTX --name test

produces:
-A fw2net -j SECCTX --name test

which is correct, but shouldn't that produce an error as there are 2 trailing dashes (-) before ";"?

More thorough testing tomorrow...

_______________________________________________
Shorewall-devel mailing list
Shorewall-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-devel