Brian J. Murrell wrote:
On Mon, 2008-09-08 at 14:57 -0700, Tom Eastep wrote:Define the rules in terms of dynamic zones (preferably defined using ipsets rather than the deprecated DYNAMIC_ZONES=Yes),Giving this a go, I found a couple of things: * WARNING: SAVE_IPSETS=Yes is not supported by Shorewall-perl 4.0.6 * iptables-restore v1.4.0: Set foo doesn't exist. So empty ipsets don't get created by shorewall (for ipsets that don't yet exist) to allow iptables-restore to complete without a syntax error?
Shorewall has nothing to do with set creation or maintenance. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
