On 06/02/2011 09:40 AM, Mr Dash Four wrote: > >> The attached (untested) patch implements an 'NI' suffix. See if that >> corrects the problem. >> > Thanks! By looking at that patch, it takes ":NI" in the secmark's STATE > sub-column to mark packets with cstate NEW,INVALID, is that right?
That's correct. > If so, and if the reason for me getting this security alerts is > probably because the packet may have been invalid, I think that > should fix it. Will apply it straight away. Okay -- Please let me know one way or the other. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Simplify data backup and recovery for your virtual environment with vRanger. Installation's a snap, and flexible recovery options mean your data is safe, secure and there when you need it. Discover what all the cheering's about. Get your free trial download today. http://p.sf.net/sfu/quest-dev2dev2
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
