F19 Firewall
Lance Lassetter
lancelassetter at gmail.com
Thu Oct 3 07:49:54 UTC 2013
Has firewall.state been shipped yet?
Jiri Popelka <jpopelka at redhat.com> wrote:
>On 09/30/2013 05:42 PM, Jiri Popelka wrote:
>> <direct>
>> [ <rule ipv="ipv4" table="filter" chain="FORWARD_direct"
>> priority="0"> -m mark ! --mark 1/1 -j NFQUEUE </rule> ]
>
>Without the [ and ] (no idea how it got there).
>
>So once again:
>
><?xml version="1.0" encoding="utf-8"?>
><direct>
> <rule ipv="ipv4" table="filter" chain="FORWARD_direct" priority="0">
>-m mark ! --mark 1/1 -j NFQUEUE </rule>
> <rule ipv="ipv4" table="nat" chain="PREROUTING_direct" priority="0">
>-p tcp --dport 80 -j DNAT --to 192.168.1.2:3129 </rule>
> <rule ipv="ipv4" table="nat" chain="OUTPUT_direct" priority="0">
>-p tcp --dport 80 -m owner --gid-owner squid -j ACCEPT </rule>
> <rule ipv="ipv4" table="nat" chain="OUTPUT_direct" priority="1">
>-p tcp --dport 80 -m owner --uid-owner squid -j ACCEPT </rule>
> <rule ipv="ipv4" table="nat" chain="OUTPUT_direct" priority="2">
>-p tcp --dport 3129 -m owner --uid-owner squid -j ACCEPT </rule>
> <rule ipv="ipv4" table="nat" chain="OUTPUT_direct" priority="3">
>-p tcp --dport 80 -j REDIRECT --to-ports 3129 </rule>
></direct>
>
>--
>Jiri
>
>--
>security mailing list
>security at lists.fedoraproject.org
>https://admin.fedoraproject.org/mailman/listinfo/security
More information about the security
mailing list