On Saturday 28 April 2007 02:52, Tom Eastep wrote: > Steven Jan Springl wrote: > > Tom > > > > When eth0!192.168.0.2 is entered in the source field of masq e.g. > > > > eth0 eth0!192.168.0.2 detect > > > > shorewall-perl generates error: > > > > iptables-restore v1.3.6 host/network 'eth0' not found > > > > It works with shorewall-shell. > > Steven, > > Given Shorewall-shell's uniform treatment of all rules, the canonical > form of that rule is now accepted: > > ethx eth0:!192.168.0.2 ... > > I'll document that for the next 3.9 release (I seem to recall > documenting that somewhere already but I can't lay my hands on it at the > moment). > > -Tom
Tom Changing the masq rule to: eth0 eth0:!192.168.0.2 detect generates the following iptables rule: -A eth0_masq -s 192.168.0.0/24 -s ! 192.168.0.2 -j SNAT --to-source 192.168.0.4 which gives the error: iptables-restore v1.3.6 multiple -s flags not allowed Steven. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
