On 3/5/11 9:37 AM, Evi1M4chine wrote: > Hey, great news. Thank you, man. > >> Actually, there is good news. I had originally taken a similar decision >> with respect to port lists in that Shorewall-perl did not originally >> support port lists with more than 15 ports, even though that was >> supported by Shorewall-shell. I later came up with a way to post-process >> rules with large port lists and break them into multiple rules.
> I wonder why it’s so complicated though. Because iptables doesn’t > support multiple port types or more than 15 ports? I guess then iptables > needs a general patch. :) It doesn't support more that 15 ports (originally, it didn't support port lists at all). > Because I agree that that is no thing that Shorewall should do. It > should be able to just pass a list to iptables. > >> The attached patch does the same for ICMP lists. It applies with offsets >> to Shorewall 4.4.15 (which is what I believe Gentoo currently supports): >> >> patch /usr/share/shorewall/Shorewall/Chains< ICMPLISTS.patch >> >> This patch will be included in Shorewall 4.4.19. > Anyway, thanks. Trying it out today. > > By the way: If you still think I’m doing something wrong, I’m happy to > learn something. No, you are not -- when I added the ability to support > 15 ports in a list, I should have added the ability to support ICMP type lists at the same time. My oversight. Let me know if you have problems with the patch. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ What You Don't Know About Data Connectivity CAN Hurt You This paper provides an overview of data connectivity, details its effect on application quality, and explores various alternative solutions. http://p.sf.net/sfu/progress-d2d
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
