On 03/08/2013 08:57 AM, Matt Joyce wrote: > Just reminded me I planned to write a message yesturday and mention, I > got the idea to use the new notation to consolidate the prioritizing > rules for both NTP and DNS which currently is a seperate rule for > outgoing queries and for outgoing replies from the local servers > figuring less rules being easier to read and for iptables to process. > Didn't consider it would be an issue until running shorewall check and > it complained the = was unexpected. I'm guessing that it was simply not > intended to be used in the tcrules file as there was no other error > messages to indicate that I broke anything, just wanted to mention it as > without checking the finalized documentation I can't be certain whether > you meant that to work or not and I figured waiting on that could well > be leaving it too late. >
What rule failed to work? I just testing this entry in /etc/shorewall/rules: ACCEPT net fw tcp 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 = Note that there is another patch (which I just posted on the development list) that is required for port lists longer than 15. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the endpoint security space. For insight on selecting the right partner to tackle endpoint security challenges, access the full report. http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
