Based on that correction the generated worning should also be changed from: Checking /etc/shorewall/stoppedrules... "WARNING: Entries in the routestopped file are processed as if ADMINISABSENTMINDED=Yes /etc/shorewall/stoppedrules (line 15)" to: Checking /etc/shorewall/stoppedrules... "WARNING: Entries in the stoppedrules file are processed as if ADMINISABSENTMINDED=Yes /etc/shorewall/stoppedrules (line 15)"!
Is there any reason why the stoppedrules file can not be used with ADMINISABSENTMINDED=No? -Matt On 10 Mar 2014 at 7:45, Tom Eastep wrote: > On 3/9/2014 8:34 AM, Tom Eastep wrote: > > On 3/8/2014 8:20 AM, Tom Eastep wrote: > > > >> > >> 2) The behavior of ADMINISABSENTMINDED=No is corrected. > > > > Here is an expanded version of this change description: > > > ... > > Simon Hobson pointed out a typo in my earlier post. Corrected copy: > > 2) The behavior of ADMINISABSENTMINDED=No is corrected. Previously, > 'shorewall stop' would not block existing connections regardless of > the setting of this option. Beginning with this release, the > behavior of ADMINISABSENTMINDED=No depends on whether the > routestopped or the stoppedrules file defines the allow connections > while the firewall is stopped. > > If there are entries in /etc/shorewall[6]/routestopped or if there > are no entries in /etc/shorewall[6]/stoppedrules, then the behavior > of ADMINISABSENTMINDED=No is as documented (existing connections > are blocked unles they are allowed by > /etc/shorewall[6]/routestopped). If there are no entries in > /etc/shorewall[6]/routestopped but there are entries in > /etc/shorewall[6]/stoppedrules, then the behavior is as if > ADMINISABSENTMINDED=Yes and a warning message is generated. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
