On 8/30/19 10:01 AM, Nicolas Boullis wrote: > Hi, > > On Tue, Aug 27, 2019 at 10:05:13AM -0700, Tom Eastep wrote: >> >> The following conntrack file rule should work in Shorewall 5.0.15: >> >> IPTABLES(CT --helper rtsp) - 212.27.38.253 tcp 554 > > Thanks a lot for your answer. > I just gave it a try, on a clean Debian Stretch system, with Shorewall > 5.0.15.6-1. And, unfortunately, it does not work. Shorewall reports: > > Aug 30 17:00:14 Compiling /etc/shorewall/rules... > Aug 30 17:00:14 ERROR: The CT TARGET is not allowed in the filter table > /etc/shorewall/rules (line 1) > >
The rule must be placed in the conntrack file; not in the rules file. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
