This is a rollup of two fixes: a) A fix for obscure [re]start errors involving the /etc/shorewall/masq file. b) A change which allow ''maclist'' with Atheros WiFi cards. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
Tom; If the following line is entered into /etc/shorewall/masq eth0:!10.1.1.150 0.0.0.0/0!10.1.0.0/16 10.1.2.16 then Shorewall ignores the !10.1.0.0/16 in the subnet field. I have attached a patch that seems to cure this problem. Regards; Steven.
On Monday 09 February 2004 12:30 pm, Steven Jan Springl wrote:> Tom; > If the following line is entered into /etc/shorewall/masq > > eth0:!10.1.1.150 0.0.0.0/0!10.1.0.0/16 10.1.2.16 > > then Shorewall ignores the !10.1.0.0/16 in the subnet field. > I have attached a patch that seems to cure this problem. >Thanks, Steven. I have made this fix is available in the errata: http://www.shorewall.net/pub/shorewall/errata/1.4.10/firewall ftp://www.shorewall.net/pub/shorewall/errata/1.4.10/firewall -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
On Monday 09 February 2004 12:39 pm, Tom Eastep wrote:> On Monday 09 February 2004 12:30 pm, Steven Jan Springl wrote: > > Tom; > > If the following line is entered into /etc/shorewall/masq > > > > eth0:!10.1.1.150 0.0.0.0/0!10.1.0.0/16 10.1.2.16 > > > > then Shorewall ignores the !10.1.0.0/16 in the subnet field. > > I have attached a patch that seems to cure this problem. > > Thanks, Steven. > > I have made this fix is available in the errata:Hmmm -- I''m clearly trying to do too many things at once: Subject: "Shorewall" is spelled "Shoerwall" Above: "... made this fix is ..." -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net