On 07/31/2012 02:17 PM, Benny Pedersen wrote: > Den 2012-07-31 22:52, Tom Eastep skrev: > >>> Jul 31 05:12:13 home kernel: nf_conntrack: automatic helper >>> assignment >>> is deprecated and it will be removed soon. Use the iptables CT >>> target to >>> attach helpers instead. > >>> is shorewall ready ? > >> No > > i see soon, so old shorewalls still work in depricated mode, as long > kernel.org says soon :=) > > i will make a gentoo bug on this so new kernels cant be maked stable > before shorewall works, olso xtables-addons fails with 3.5.0, just so > other knows
Shorewall supports the iptables CT target now (see shorewall-notrack(5)); the problem is that when the deprecated mode is turned off, everyone who uses helpers (which is almost 100% of the Shorewall user base) will have to change their configuration in an unintuitive way. My challenge is to determine how to make the transition smoother. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
