Maciek Kurkiewicz
2003-Apr-23 06:42 UTC
[Shorewall-users] Shorewall-users] swat port 901 to net blocking
Version? 1.4.2>>>> shorewall don''t start. "unknown protocol >>>> `net'' specified>>And you put that in your rules file?yes, a put it earlier, but I have in policy file : fw net ACCEPT so from rules file it wasn''t working : REJECT fw net tcp 901 REJECT fw net udp 901 -- ---- Oferta jakiej jeszcze nie bylo! Serwer www 60 MB za 96 zl rocznie Szczegoly: www.oferta.alpha.pl ----
Jan Johansson
2003-Apr-23 06:49 UTC
[Shorewall-users] Shorewall-users] swat port 901 to net blocking
>yes, a put it earlier, but I have in policy file : >fw net ACCEPTDoesn''t matter. What you put in rules will override policy.>so from rules file it wasn''t working : >REJECT fw net tcp 901 >REJECT fw net udp 901That is _the wrong way_ That prevents your firewall from contacting an external SWAT, which is not what you want. The following lines: REJECT $FW net tcp 901 REJECT $FW net udp 901 does work, else something else is wrong with your set up, but that is the correct rule.