Displaying 2 results from an estimated 2 matches for "delete_from_zone".
2004 May 03
Fix for 'firewall' script on shorewall delete
...wall
tries to execute rules like:
iptables -D source_chain -s host1 -o iface -s host2 -j chain
The result is that only some rules are deleted, but some still
remain in the source_chain, leading to a source_chain with
a growing number of rules which never get deleted.
The problem is located in delete_from_zone() where a call to
match_source_hosts is used instead of match_dest_hosts.
The following patch fixes this problem and should be applied against
the 'firewall' script of shorewall 2.0.1 (errata version).
--- firewall.orig 2004-05-03 14:05:43.000000000 +0200
+++ firewall.patc...
2004 Dec 05
Adding dynamically more than one host at once?
Hi,
it seems not to be possible to add more than one host at once to a zone.
So
shorewall add br0:eth0:192.168.2.10,eth0:192.168.2.11 work
fails, since "br0:eth0:192.168.2.10,eth0" is interpreted as one interface.
--snip --
iptables v1.2.9: interface name `eth0:192.168.2.10,eth0' must be shorter
than IFNAMSIZ (15)
Try `iptables -h' or 'iptables