Tom Eastep wrote: > Farkas Levente wrote: > >> thanks. so after a debug session i've got the error bellow while in my >> rules there is a line: >> Limit:none:SSH2,3,60 net dmz:$NS2_IP tcp ssh >> it seems the new Limit code is not the same as the old one?! or at least >> the compiler differs. anyway the error is true since shorewall call >> iptables as "--log-level none" it seems to me that the previous version >> do not append the log-level to iptables if it was none (afais in the >> previous version's debug list). >> so imho it's a bug in the new code. > > Yep -- please try the attached patch to /usr/share/shorewall/compiler. It > fixes all builtin actions WRT 'none' and 'none!' (not just Limit).
thanks. it seems to working. and i hope no more hidden problem since it's our production firewall:-( -- Levente "Si vis pacem para bellum!" ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
