Paul Gear wrote: > John Morris wrote: >> Hi, >> >> I noticed today that a hosts zone defined as follows wasn't being >> matched. I investigated the output of iptables -L -v, and found this: >> ... >> I couldn't find anything in the hosts or zones man pages about this. Am >> I doing something wrong, or should this be spelled out in the docs for >> other idiots like me? > > In http://www.shorewall.net/manpages/shorewall-hosts.html it says: "The > order of entries in this file is not significant in determining zone > composition. Rather, the order that the zones are declared in > shorewall-zones(5) determines the order in which the records in this > file are interpreted." > > In http://www.shorewall.net/Multiple_Zones.html it says: "Shorewall > generates rules for zones in the order that the zone declarations appear > in /etc/shorewall/zones unless you modify the processing order using the > explicit child-zone:parent-zone syntax, in which case the child zone > rules are generated first." > > That should be sufficient to say it is documented, but there probably > should be something more explicit about ordering (probably a reference > to Multiple_Zones.html) in > http://www.shorewall.net/manpages/shorewall-zones.html. Any comments, Tom? >
and to http://www.shorewall.net/manpages/shorewall-nesting.html Jerry ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
