Hi Tom, Il 04/09/2013 19:11, Tom Eastep ha scritto: > On 09/04/2013 08:20 AM, Mau wrote: >> [...] > > The new locking code in ip[6]tables 1.4.20 prevents iptables and > ip6tables from running simultaneously unless the -w option is specified > on both. You can work around this problem temporarily by using a > capabilties file: > > shorewall show -f capabilities > /etc/shorewall/capabilities > shorewall6 show -f capabilities > /etc/shorewall6/capabilities > > I'll have a patch to the compiler available in a day or so. > > -Tom
I also suspect that the concurrency bug addressed in iptables 1.4.20 caused some problem in the past: with shorewall apparently working, sometimes psad complained there was no LOG target in the firewall. The latest 4.5.21-Beta1 version seems to perfectly fix all the iptables related issues in my case; I'd only like to suggest some cosmetic improvement on the shorewall-init boot messages on Debian: Initializing "Shorewall-based firewalls": Compiling... /var/lib/shorewall/firewall is up to date -- no compilation required echo_notdone Compiling... /var/lib/shorewall6/firewall is up to date -- no compilation required echo_notdone done. Thanks a lot, Maurizio ------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
