This morning, Klemens Rutz reported a problem that affects all
Shorewall-perl 4.2 versions.
The problem:
a) Only occurs when there are more than one network interface.
b) Results in the following interface options not being applied to
forwarded traffic.
blacklist
dhcp
maclist (when MACLIST_TABLE=filter)
norfc1918
nosmurfs
tcpflags
User are encouraged to either:
- Upgrade to Shorewall-perl-4.2.6.1; or
- Apply the patch found at:
http://www.shorewall.net/pub/shorewall/4.2/forward.patch
ftp://ftp.shorewall.net/pub/shorewall/4.2/forward.patch
To apply the patch, execute this command:
patch /usr/share/shorewall-perl/Shorewall/Rules.pm < forward.patch
The patch may apply with fuzz and/or an offset, depending on your
particular version.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H