search for: source_chain

...t; for dynamically adding and removing users to VPN chains when connecting to a VPN gateway. But ''shorewall delete'' has a little problem to delete the correct rules. When issuing "shorewall delete iface:host zone", shorewall tries to execute rules like: iptables -D source_chain -s host1 -o iface -s host2 -j chain The result is that only some rules are deleted, but some still remain in the source_chain, leading to a source_chain with a growing number of rules which never get deleted. The problem is located in delete_from_zone() where a call to match_source_hosts is used...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I''m running systems with openswan and modified _updown script supporting shorewall dynamic hosts. Because on problems with cvs head version of openswan I found a error from shorewall dynamic hosts support. When host is already in zone shorewall aborts adding process with error. This is not good thing(tm). I found out that deleting host from