Dash Four wrote: > In addition, I am getting two separate sets of warnings during startup: > > rules > ~~~~~ > SECTION RELATED > # MUST be last as *_DISPOSITION does not accept custom actions > IFLOG(-,log1,-,drop,DROP) all all > > gives me: > > WARNING: The rule(s) generated by this entry are unreachable and have > been discarded /etc/shorewall/action.ILOG (line 38) > from /etc/shorewall/action.IFLOG (line 31) > from /etc/shorewall/rules (line 106) > [...ad nauseum ...] > > then... > > WARNING: The SOURCE zone is off-firewall and the DEST zone is > 'loopback' /etc/shorewall/action.IFLOG (line 29) > from /etc/shorewall/tunnels (line EOF) > WARNING: The SOURCE zone is off-firewall and the DEST zone is > 'loopback' /etc/shorewall/action.IFLOG (line 31) > from /etc/shorewall/tunnels (line EOF) > [...again, ad nauseum ...] > > My /etc/shorewall/tunnels is empty. > > Also, despite my best efforts, the xt_CT helper messages have *not* > gone away, even though I've set net.netfilter_nf_conntrack_helper to 0 > in my sysctl.conf (I even tried setting this as a kernel parameter). Forgot to mention - the above warnings are from shorewall on a different machine (with different configuration).
------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
