David Rothenberger wrote: > I came across a problem today with an ACCEPT+ rule using shorewall-perl > 4.2.7. > > The rule is: > > ACCEPT+ loc:192.168.1.102 wifi tcp http,https > > This resulted in a rule in the loc_dnat chain with the destination set > to 0.0.0.0/0, which seems to ignore the "wifi" zone in the destination > of the rule. > > My "wifi" zone is defined as such in zones: > > wifi ipv4 > > and my interfaces file has: > > wifi eth3 detect dhcp,maclist > > eth3 is up when shorewall is started. It has address > 192.168.3.101/255.255.255.0. > > Is this expected behavior?
Yes. The NAT part of the rule generated by ACCEPT+ does not consider the destination zone. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
