F19 Firewall
Lance Lassetter
lancelassetter at gmail.com
Thu Oct 3 07:51:27 UTC 2013
On Thu, Oct 03, 2013 at 09:24:34AM +0200, Jiri Popelka wrote:
> On 09/30/2013 05:42 PM, Jiri Popelka wrote:
> ><direct>
> > [ <rule ipv="ipv4" table="filter" chain="FORWARD_direct"
> >priority="0"> -m mark ! --mark 1/1 -j NFQUEUE </rule> ]
>
> Without the [ and ] (no idea how it got there).
>
> So once again:
>
> <?xml version="1.0" encoding="utf-8"?>
> <direct>
> <rule ipv="ipv4" table="filter" chain="FORWARD_direct"
> priority="0"> -m mark ! --mark 1/1 -j NFQUEUE </rule>
> <rule ipv="ipv4" table="nat" chain="PREROUTING_direct"
> priority="0"> -p tcp --dport 80 -j DNAT --to 192.168.1.2:3129
> </rule>
> <rule ipv="ipv4" table="nat" chain="OUTPUT_direct"
> priority="0"> -p tcp --dport 80 -m owner --gid-owner squid -j
> ACCEPT </rule>
> <rule ipv="ipv4" table="nat" chain="OUTPUT_direct"
> priority="1"> -p tcp --dport 80 -m owner --uid-owner squid -j ACCEPT
> </rule>
> <rule ipv="ipv4" table="nat" chain="OUTPUT_direct"
> priority="2"> -p tcp --dport 3129 -m owner --uid-owner squid -j
> ACCEPT </rule>
> <rule ipv="ipv4" table="nat" chain="OUTPUT_direct"
> priority="3"> -p tcp --dport 80 -j REDIRECT --to-ports 3129 </rule>
> </direct>
>
> --
> Jiri
>
> --
> security mailing list
> security at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/security
Sorry, top posted.
Has firewall.state been shipped yet?
Lance
More information about the security
mailing list