Re: [Shorewall-users] RHEL4 + Shorewall + IPSec patches?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Tom,

Thanks for the answer, to keep the threat complete with the answer, but
I'm out of luck. Now the decision custom kernel or openvpn ;-)

RHEL4/CentOS4 output:

[root@hn00tmp01 ~]# shorewall show capabilities
   WARNING: Shorewall startup is disabled. To enable startup, set
STARTUP_ENABLED=Yes in /etc/shorewall/shorewall.conf
Loading /usr/share/shorewall/functions...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Shorewall has detected the following iptables/netfilter capabilities:
   NAT: Available
   Packet Mangling: Available
   Multi-port Match: Available
   Extended Multi-port Match: Not available
   Connection Tracking Match: Available
   Packet Type Match: Available
   Policy Match: Not available
   Physdev Match: Available
   IP range Match: Available
   Recent Match: Available
   Owner Match: Available
   Ipset Match: Not available
   ROUTE Target: Not available
   Extended MARK Target: Not available
   CONNMARK Target: Not available
   Connmark Match: Not available
   Raw Table: Available

[root@hn00tmp01 ~]# uname -a
Linux hn00tmp01.sjc.nl 2.6.9-22.EL #1 Sat Oct 8 17:48:27 CDT 2005 i686
i686 i386 GNU/Linux

Stijn

On 19-Oct-2005 22:57, Tom Eastep wrote:
> On Wednesday 19 October 2005 11:55, Stijn Jonker wrote:
> 
> 
>>I checked the source rpm and the patches included in there, but due to
>>the huge amount (100 or so) I'm not a 100% sure. Is there a way I can
>>quickly check this on a single test install inside vmware by some sort
>>of iptables command or so?
>>
> 
> gateway:/etc/shorewall# shorewall show capabilities
> Shorewall has detected the following iptables/netfilter capabilities:
>    NAT: Available
>    Packet Mangling: Available
>    Multi-port Match: Available
>    Extended Multi-port Match: Available
>    Connection Tracking Match: Available
>    Packet Type Match: Available
>    Policy Match: Not available <============== must be Available
>    Physdev Match: Available
>    IP range Match: Available
>    Recent Match: Available
>    Owner Match: Available
>    Ipset Match: Available
>    ROUTE Target: Not available
>    Extended MARK Target: Available
>    CONNMARK Target: Available
>    Connmark Match: Available
>    Raw Table: Available
>    CLASSIFY Target: Available
> gateway:/etc/shorewall# 
> 
> -Tom          

-- 
Met Vriendelijke groet/Yours Sincerely
Stijn Jonker <SJC...@sj...>