forked from extern/shorewall_code
Update Shorewall-perl migration issues
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9277 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
de038dad1b
commit
48b85c5353
@ -148,7 +148,8 @@
|
|||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>The refresh command does not alter the Netfilter
|
<para>The refresh command does not alter the Netfilter
|
||||||
configuration except for the static blacklist.</para>
|
configuration except for the static blacklist (it also refreshes
|
||||||
|
the mangle table, beginning with Shorewall 4.2.0).</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</itemizedlist>
|
</itemizedlist>
|
||||||
</listitem>
|
</listitem>
|
||||||
@ -186,23 +187,13 @@
|
|||||||
<row>
|
<row>
|
||||||
<entry>maclog</entry>
|
<entry>maclog</entry>
|
||||||
|
|
||||||
<entry>initdone</entry>
|
<entry>start</entry>
|
||||||
|
|
||||||
<entry></entry>
|
|
||||||
</row>
|
</row>
|
||||||
|
|
||||||
<row>
|
<row>
|
||||||
<entry>Per-chain (including those associated with
|
<entry>Per-chain (including those associated with
|
||||||
actions)</entry>
|
actions)</entry>
|
||||||
|
|
||||||
<entry>start</entry>
|
|
||||||
|
|
||||||
<entry></entry>
|
|
||||||
</row>
|
|
||||||
|
|
||||||
<row>
|
|
||||||
<entry></entry>
|
|
||||||
|
|
||||||
<entry>started</entry>
|
<entry>started</entry>
|
||||||
|
|
||||||
<entry></entry>
|
<entry></entry>
|
||||||
@ -518,6 +509,32 @@ ACCEPT loc:eth0:192.168.1.3,192.168.1.5 $FW tcp 22</programlisting>Wit
|
|||||||
ACCEPT loc:eth0:192.168.1.3,eth0:192.168.1.5 $fw tcp 22</programlisting>
|
ACCEPT loc:eth0:192.168.1.3,eth0:192.168.1.5 $fw tcp 22</programlisting>
|
||||||
Shorewall-perl does not support this alternative syntax.</para>
|
Shorewall-perl does not support this alternative syntax.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>Beginning in Shorewall 4.2.0, Shorewall-perl gives a warning
|
||||||
|
if a zone name is entered in the DEST column of a
|
||||||
|
<firstterm>nonat</firstterm> rule. Nonat rules include:</para>
|
||||||
|
|
||||||
|
<itemizedlist>
|
||||||
|
<listitem>
|
||||||
|
<para>DNAT-</para>
|
||||||
|
</listitem>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>REDIRECT-</para>
|
||||||
|
</listitem>
|
||||||
|
|
||||||
|
<listitem>
|
||||||
|
<para>NONAT</para>
|
||||||
|
</listitem>
|
||||||
|
</itemizedlist>
|
||||||
|
|
||||||
|
<para>So rather than this:<programlisting>#ACTION SOURCE DEST PROTO DEST PORT(S)
|
||||||
|
DNAT- net loc:192.168.1.3 tcp 21</programlisting></para>
|
||||||
|
|
||||||
|
<para>you instead want:<programlisting>#ACTION SOURCE DEST PROTO DEST PORT(S)
|
||||||
|
DNAT- net 192.168.1.3 tcp 21</programlisting></para>
|
||||||
|
</listitem>
|
||||||
</orderedlist>
|
</orderedlist>
|
||||||
</section>
|
</section>
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user