forked from extern/shorewall_code
42 lines
1.5 KiB
Plaintext
42 lines
1.5 KiB
Plaintext
1) In some simple one-interface configurations, the following Perl
|
|
run-time error messages is issued:
|
|
|
|
Generating Rule Matrix...
|
|
Use of uninitialized value in concatenation (.) or string at
|
|
/usr/share/shorewall/Shorewall/Chains.pm line 649.
|
|
Use of uninitialized value in concatenation (.) or string at
|
|
/usr/share/shorewall/Shorewall/Chains.pm line 649.
|
|
Creating iptables-restore input...
|
|
|
|
The messages are harmless and can be ignored.
|
|
|
|
2) The Shorewall operations log (specified by STARTUP_LOG) is not
|
|
secured 0600.
|
|
|
|
To work around the this issue, simply use chmod to change the
|
|
file's permissions.
|
|
|
|
3) The compiler generates an incorrect test for interface
|
|
availability in the generated code for adding route rules. The
|
|
result is that the rules are always added, regardless of the
|
|
state of the provider's interface.
|
|
|
|
Will be corrected in Shorewall 4.4.4.
|
|
|
|
4) When TC_WIDE_MARKS=Yes and class numbers are not explicitly
|
|
specified in /etc/shorewall/tcclasses, duplicate class numbers
|
|
result. A typical error message is:
|
|
|
|
ERROR: Command "tc class add dev eth3 parent 1:1 classid
|
|
1:1 htb rate 1024kbit ceil 100000kbit prio 1 quantum 1500"
|
|
Failed
|
|
|
|
Note that the class ID of the class being added is a duplicate of
|
|
the parent's class ID.
|
|
|
|
You can work around this problem by explicitly specifying class
|
|
numbers in the INTERFACE column (e.g., 'eth0:2' or '1:2').
|
|
|
|
Will be corrected in Shorewall 4.4.4.
|
|
|