forked from extern/shorewall_code
20 lines
509 B
Plaintext
20 lines
509 B
Plaintext
1) On systems running Upstart, shorewall-init cannot reliably secure
|
|
the firewall before interfaces are brought up.
|
|
|
|
2) The 'local' option in /etc/shorewall6/providers produces an 'ip
|
|
route add' command containing an IPv4 address.
|
|
|
|
3) When optimize level 4 is set, the optimizer mis-handles rules of the
|
|
form:
|
|
|
|
-A <chain1> -j <chain2> -m comment ...
|
|
|
|
when such a rule is the only rule in a chain.
|
|
|
|
Workarounds:
|
|
|
|
1. Don't use optimization level 4; or
|
|
2. Remove the comment from the rule.
|
|
|
|
|