> What you are seeing is a result of the way that connection
> tracking works. You can always use the '-p' option when you
> start/restart Shorewall (that does the 'conntrack -F' for you).

The drawback with this is that all tables would be flushed,
including established ssh connections on other interfaces which
could lead to some usability problems when setting/testing
firewall setups remotely.

> If the problem happens only at boot time, then installing and
> configuring Shorewall-init will solve the problem.

Are there persistent connection tracking (and related) parameters
set at install time that would make do with this condition when
enabling/disabling MASQ?

Thanks.
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users