From 9a1cb0c6b68d0952df50e158c5082bd0239fff53 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 7 Sep 2009 16:44:19 -0700 Subject: [PATCH] Admin that PKTTYPE is a no-op --- docs/Documentation_Index.xml | 4 ++-- manpages/shorewall.conf.xml | 26 ++------------------------ 2 files changed, 4 insertions(+), 26 deletions(-) diff --git a/docs/Documentation_Index.xml b/docs/Documentation_Index.xml index c77bf4a92..32087a4d4 100644 --- a/docs/Documentation_Index.xml +++ b/docs/Documentation_Index.xml @@ -208,8 +208,8 @@ OpenVPN - Upgrade Issues when - upgrading Debian Lenny to Squeeze + Upgrading Debian Lenny to + Squeeze - A Shorewall Perspective diff --git a/manpages/shorewall.conf.xml b/manpages/shorewall.conf.xml index 87dc219f9..c7df52661 100644 --- a/manpages/shorewall.conf.xml +++ b/manpages/shorewall.conf.xml @@ -1162,30 +1162,8 @@ net all DROP infothen the chain name is 'net2all' role="bold">Yes|No} - Normally Shorewall attempts to use the iptables packet type - match extension to determine broadcast and multicast packets. - - - - This can cause a message to appear during shorewall start - (modprobe: cant locate module ipt_pkttype). - - - - Some users have found problems with the packet match - extension with the result that their firewall log is flooded - with messages relating to broadcast packets. - - - - - -
- If you are experiencing either of these problems, setting - PKTTYPE=No will prevent Shorewall from trying to use the packet - type match extension and to use IP address matching to determine - which packets are broadcasts or multicasts. -
+ This option is included for compatibility with older Shorewall + releases. Its setting has no effect.