extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-19 17:28:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Error with ESTABLISHED/RELATED rules and FASTACCEPT

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3419 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-02-01 23:05:32 +00:00
parent 6879ce7084
commit 20d3f6afdc
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Shorewall/compiler
View File

@ -5205,6 +5205,7 @@ process_rule() # $1 = target
case $SECTION in case $SECTION in
ESTABLISHED|RELATED) ESTABLISHED|RELATED)
[ -n "$FASTACCEPT" ] && fatal_error "Entries in the $SECTION SECTION of the rules file not permitted with FASTACCEPT=Yes"
state="-m state --state $SECTION" state="-m state --state $SECTION"
;; ;;
*) *)

4
Shorewall/shorewall.conf
View File

@ -838,8 +838,8 @@ MAPOLDACTIONS=No
# #
# If you set FASTACCEPT=Yes, then ESTABLISHED/RELATED packets are accepted # If you set FASTACCEPT=Yes, then ESTABLISHED/RELATED packets are accepted
# early in the INPUT, FORWARD and OUTPUT chains. If you set # early in the INPUT, FORWARD and OUTPUT chains. If you set
# FASTACCEPT=Yes then you may not specify ESTABLISHED policies in # FASTACCEPT=Yes then you may not include rules in the ESTABLISHED and
# /etc/shorewall/policy. # RELATED sections of the rules file.
FASTACCEPT=No FASTACCEPT=No