F19 Firewall

Thu Oct 3 07:51:27 UTC 2013

On Thu, Oct 03, 2013 at 09:24:34AM +0200, Jiri Popelka wrote:
> On 09/30/2013 05:42 PM, Jiri Popelka wrote:
> ><direct>
> >   [ <rule ipv="ipv4" table="filter" chain="FORWARD_direct"
> >priority="0"> -m mark ! --mark 1/1 -j NFQUEUE </rule> ]
> 
> Without the [ and ] (no idea how it got there).
> 
> So once again:
> 
> <?xml version="1.0" encoding="utf-8"?>
> <direct>
>   <rule ipv="ipv4" table="filter" chain="FORWARD_direct"
> priority="0"> -m mark ! --mark 1/1 -j NFQUEUE </rule>
>   <rule ipv="ipv4" table="nat" chain="PREROUTING_direct"
> priority="0"> -p tcp --dport 80 -j DNAT --to 192.168.1.2:3129
> </rule>
>   <rule ipv="ipv4" table="nat"     chain="OUTPUT_direct"
> priority="0"> -p tcp  --dport 80 -m owner --gid-owner squid -j
> ACCEPT </rule>
>   <rule ipv="ipv4" table="nat"     chain="OUTPUT_direct"
> priority="1"> -p tcp --dport 80 -m owner --uid-owner squid -j ACCEPT
> </rule>
>   <rule ipv="ipv4" table="nat"     chain="OUTPUT_direct"
> priority="2"> -p tcp --dport 3129 -m owner --uid-owner squid -j
> ACCEPT </rule>
>   <rule ipv="ipv4" table="nat"     chain="OUTPUT_direct"
> priority="3"> -p tcp --dport 80 -j REDIRECT --to-ports 3129 </rule>
> </direct>
> 
> --
> Jiri
> 
> --
> security mailing list
> security at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/security

Sorry, top posted.

Has firewall.state been shipped yet?

Lance