Thanks Filippo,

Let me know how it works for you after you test it.

By the way, when trying to implement action.NFQBY like this...

    ?format 2
    IPTABLES(NFQUEUE --queue-bypass)

I get the following error from shorewall 4.5.21.6

    ERROR: Invalid ACTION (IPTABLES(NFQUEUE:none) /etc/shorewall/action.NFQBY (line 27) from /etc/shorewall/rules (line 27)

...
line 27 on my rules file is:

    NFQBY net $FW tcp 80,443 -

And the contents of my actions file are just:

    NFQBY

Why is this happening? I think I have declared the action and defined it right.

-----Original Message-----
From: Filippo Carletti
Sent: Tuesday, May 19, 2015 3:46 PM
To: Shorewall Users
Subject: Re: [Shorewall-users] Shorewall with Suricata in IPS mode

> We only have two zones: net (through p1p1 interface) and $FW
> So I guess your configuration would not work for us. Or am I wrong?

A simpler configuration will work for you (remove all lines which contain "loc").
I guess that using "SECTION ALL" produces a rules file that's easier to read, I'll try that in nethserver.

snort stops processing the nfqueue when it reads the rules after an update, we chose to let traffic flow.

--
Ciao,
Filippo

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
