Le mardi 21 juin 2011 15:32, Tom Eastep a écrit :> -------- Forwarded Message -------- > From: Tom Eastep <teastep@shorewall.net> > Reply-to: Shorewall Users <shorewall-users@lists.sourceforge.net> > To: Shorewall Users <shorewall-users@lists.sourceforge.net> > Subject: Re: [Shorewall-users] routestopped 4.2 to 4.4 > Date: Mon, 20 Jun 2011 13:37:02 -0700 > > On Mon, 2011-06-20 at 21:32 +0200, ml@smtp.fakessh.eu wrote: > > hi folks > > > > i describe my problem > > use centos 5.6 > > in the directory /etc/sysconfig/network-scripts/ > > there is no file corresponding to the eth0 interface is ifcfg-eth0 > > But ifconfig command me back out all the interfaces > > > > my question is in the configuration of my version 4.2 I declare a > > critical interface eth0 (required OVH) I want to go in 4.4 > > > > how to do without this critical interface > > > > the file is not present in my distribution I do not see how > > > > nb : sorry for my very bad English > > Because of the way that Shorewall 4.4 works, ''critical'' is no longer > needed (all interfaces are treated as critical). From the release notes: > > 8) The generated script now uses iptables[6]-restore to instantiate > the Netfilter ruleset during processing of the ''stop'' command. As a > consequence, the ''critical'' option in /etc/shorewall/routestopped > is no longer needed and will result in a warning. > > -TomI have managed to do the update but I am having problems with the policy file in which I can not specify the burst -- http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 ------------------------------------------------------------------------------ EditLive Enterprise is the world''s most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev
Le mardi 21 juin 2011 19:59, vous avez écrit :> On Tue, 2011-06-21 at 17:43 +0200, ml@smtp.fakessh.eu wrote: > > I have managed to do the update but I am having problems with the policy > > file in which I can not specify the burst > > If you want our help, you are going to have to give us details about > what you have tried and what you are seeing. > > -Tommy file /etc/shorewall/policy and like this and I do not know how to declare the LIMIT: BURST # Shorewall version 4 - Policy File # # For information about entries in this file, type "man shorewall-policy" # # The manpage is also online at # http://www.shorewall.net/manpages/shorewall-policy.html # ############################################### #SOURCE DEST POLICY LOG LIMIT:BURST # LEVEL #LAST LINE -- DO NOT REMOVE #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST $FW net DROP info net $FW DROP info net all REJECT info loc loc ACCEPT # The FOLLOWING POLICY MUST BE LAST all all REJECT info #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE -- http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 ------------------------------------------------------------------------------ EditLive Enterprise is the world''s most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev
On Tue, 2011-06-21 at 20:49 +0200, ml@smtp.fakessh.eu wrote:> my file /etc/shorewall/policy and like this > and I do not know how to declare the LIMIT: BURSTHave a look at: http://www.shorewall.net/configuration_file_basics.htm#RateLimit -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ EditLive Enterprise is the world''s most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev