John Morris wrote: > Hi, > > I noticed today that a hosts zone defined as follows wasn't being > matched. I investigated the output of iptables -L -v, and found this: > ... > I couldn't find anything in the hosts or zones man pages about this. Am > I doing something wrong, or should this be spelled out in the docs for > other idiots like me?
In http://www.shorewall.net/manpages/shorewall-hosts.html it says: "The order of entries in this file is not significant in determining zone composition. Rather, the order that the zones are declared in shorewall-zones(5) determines the order in which the records in this file are interpreted." In http://www.shorewall.net/Multiple_Zones.html it says: "Shorewall generates rules for zones in the order that the zone declarations appear in /etc/shorewall/zones unless you modify the processing order using the explicit child-zone:parent-zone syntax, in which case the child zone rules are generated first." That should be sufficient to say it is documented, but there probably should be something more explicit about ordering (probably a reference to Multiple_Zones.html) in http://www.shorewall.net/manpages/shorewall-zones.html. Any comments, Tom? Paul ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
