Brad Clarke wrote: > I'm using shorewall-perl 4.0.15 on Ubuntu 8.04. The tcrules man page > says I can use "A comma-separated list of interface names, IP > addresses, MAC addresses and/or subnets" in the SOURCE column. This > seems to work fine for everything except interfaces, which generate an > error if I use more than one: > > /etc/shorwall/tcrules: > ... > CONTINUE $FW,eth0,vlan2 192.168.10.0/24,10.99.1.0/24 > > #shorewall check > .... > Checking /etc/shorewall/tcrules... > ERROR: Unknown Interface (fw,eth0,vlan2) : /etc/shorewall/tcrules (line 34) > > > Is this just a limitation of shorewall? >
Yes -- While the text implies that there may be more than one interface, the syntax diagram obviously does not. > I tried leaving it blank and allowing it to happen for all interfaces > but that didn't seem to include $FW, so I need at least 2 rules. Is > there a way I can specify a variable for the DEST column to make the > repeated rules easier to maintain? No. ------------------------------------------------------------------------------ Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM) software. With Adobe AIR, Ajax developers can use existing skills and code to build responsive, highly engaging applications that combine the power of local resources and data with the reach of the web. Download the Adobe AIR SDK and Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
