Re: [Fwbuilder-discussion] What does this mean?
Brought to you by:
mikehorn
Menu
▾
▴
Re: [Fwbuilder-discussion] What does this mean?
|
From: Tom D. <td...@ro...> - 2009-07-14 02:06:54
|
On Mon, 13 Jul 2009, Vadim Kurland ✎ wrote: > > also, could you please open a bug on SourceForge ? Done!! bug # is 2821050. Also it looks like the warning was added in version 1.4.3.2 of iptables. The changelog is here: http://marc.info/?l=netfilter-devel&m=123901795723602&q=p3 Hope this helps. Regards, -- Tom Diehl td...@ro... Spamtrap address mt...@ro... > > --vk > > On Jul 13, 2009, at 6:29 PM, Vadim Kurland ✎ wrote: > >> >> On Jul 13, 2009, at 6:16 PM, Tom Diehl wrote: >> >>>> >>> >>> It looks like the following rules from the .fw file are generating >>> the warnings: >>> >>> echo "Rule 2 (NAT)" >>> # >>> # Dnat rule for ben >>> $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -s ! 192.168.1.0/24 - >>> d my.ext.ip.addr --dport 3389 -j DNAT --to-destination 192.168.1.4 >>> >>> # >>> # Rule 13 (global) >>> # >>> echo "Rule 13 (global)" >>> # >>> # Ports fwded to Ben >>> # >>> $IPTABLES -A OUTPUT -p tcp -m tcp -s ! 192.168.1.0/24 -d >>> 192.168.1.4 --dport 3389 -m state --state NEW -j ACCEPT >>> $IPTABLES -A FORWARD -p tcp -m tcp -s ! 192.168.1.0/24 -d >>> 192.168.1.4 --dport 3389 -m state --state NEW -j ACCEPT >>> >>> If I disable the rules that generate the above, the warnings go >>> away. I am >>> guessing from the warnings that instead of -s ! the preferred syntax >>> is >>> ! -s . >>> >>> Does this make sense to you? >> >> >> >> yes, this makes sense. Now I need to figure out when (what version) >> did they make this change in iptables . >> >> >> >> Vadim Kurland ✍ >> va...@vk... >> >> >> >> >> >> >> >> ------------------------------------------------------------------------------ >> Enter the BlackBerry Developer Challenge >> This is your chance to win up to $100,000 in prizes! For a limited time, >> vendors submitting new applications to BlackBerry App World(TM) will have >> the opportunity to enter the BlackBerry Developer Challenge. See full prize >> details at: http://p.sf.net/sfu/Challenge >> _______________________________________________ >> Fwbuilder-discussion mailing list >> Fwb...@li... >> https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion > > Vadim Kurland ✍ > va...@vk... > > > > > |