On 9/24/2014 10:48 AM, PGNd wrote: >> With ADMINISABSENTMINDED=Yes (which I recommend) > > fyi, with > > ADMINISABSENTMINDED=No > > in shorewall.conf, I see in my compiler output > > ... > Compiling /usr/local/etc/shorewall/IPv4/stoppedrules... > WARNING: Entries in the routestopped file are processed as if > ADMINISABSENTMINDED=Yes /usr/local/etc/shorewall/IPv4/stoppedrules (line 16)
But the replies are still not automatically accepted. > ... > > which suggests that the setting is ignored/overridden, and outbound rules > should be open, as in ADMINISABSENTMINDED=Yes, regardless. No. > > Also, notice the inconsistency in the logged message: > > "compiling .../stoppedrules" > "Entries in the routestopped file" That's left over from when the file was called routestopped. I'll correct. > > and > > "IPv4/stoppedrules (line 16)" That's the actual name of your file. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
