On 2/28/2014 9:05 AM, Hervé Werner wrote: > I'm getting trouble with the ADMINISABSENTMINDED option, it doesn't seem > to work as stated in the manual.
> > I launched Shorewall with the default ADMINISABSENTMINDED value and > stopped it. I then did again the same test with ADMINISABSENTMINDED=No. > > > Do you agree or did I misunderstand the manual ? > I believe that the attached patch will correct the problem. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Misc.pm b/Shorewall/Perl/Shorewall/Misc.pm
index e52ddc1..24d9294 100644
--- a/Shorewall/Perl/Shorewall/Misc.pm
+++ b/Shorewall/Perl/Shorewall/Misc.pm
@@ -2526,9 +2526,9 @@ EOF
"restore_default_route $config{USE_DEFAULT_RT}"
);
- my @chains = $config{ADMINISABSENTMINDED} ? qw/INPUT FORWARD/ : qw/INPUT OUTPUT FORWARD/;
-
- add_ijump $filter_table ->{$_}, j => 'ACCEPT', state_imatch 'ESTABLISHED,RELATED' for @chains;
+ if ( $config{ADMINISABSENTMINDED} ) {
+ add_ijump $filter_table ->{$_}, j => 'ACCEPT', state_imatch 'ESTABLISHED,RELATED' for qw/INPUT FORWARD/;
+ }
if ( $family == F_IPV6 ) {
add_ijump $input, j => 'ACCEPT', s => IPv6_LINKLOCAL;
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
