Mageia Bugzilla – Attachment 4109 Details for
Bug 8225
Log shorewall display "WARNING: The state match is obsolete. Use conntrack instead."
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
[patch]
Patch for Interactive Firewall
bug8225.patch (text/plain), 1.13 KB, created by
Derek Jennings
on 2013-06-06 22:21:03 CEST
(
hide
)
Description:
Patch for Interactive Firewall
Filename:
MIME Type:
Creator:
Derek Jennings
Created:
2013-06-06 22:21:03 CEST
Size:
1.13 KB
patch
obsolete
>--- /usr/lib/libDrakX/network/drakfirewall.pm 2013-05-08 14:59:57.000000000 +0100 >+++ drakfirewall.pm 2013-06-06 20:29:37.000000000 +0100 >@@ -284,7 +284,7 @@ > my $proto = $_; > map { > my $multiport = /:/ && " -m multiport"; >- "iptables -A Ifw -m state --state NEW -p $proto$multiport --dport $_ -j IFWLOG --log-prefix NEW\n"; >+ "iptables -A Ifw -m conntrack --ctstate NEW -p $proto$multiport --dport $_ -j IFWLOG --log-prefix NEW\n"; > } @{$ports_by_proto->{$proto}}; > } intersection([ qw(tcp udp) ], [ keys %$ports_by_proto ]), > ); > > > >--- /etc/ifw/rules.d/psd 2013-01-12 16:48:39.000000000 +0000 >+++ psd 2013-06-06 20:31:40.000000000 +0100 >@@ -1 +1 @@ >-iptables -A Ifw -m state --state NEW,INVALID -m psd --psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports >-weight 1 -j IFWLOG --log-prefix SCAN >+iptables -A Ifw -m conntrack --ctstate NEW,INVALID -m psd --psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi >-ports-weight 1 -j IFWLOG --log-prefix SCAN > >
--- /usr/lib/libDrakX/network/drakfirewall.pm 2013-05-08 14:59:57.000000000 +0100 +++ drakfirewall.pm 2013-06-06 20:29:37.000000000 +0100 @@ -284,7 +284,7 @@ my $proto = $_; map { my $multiport = /:/ && " -m multiport"; - "iptables -A Ifw -m state --state NEW -p $proto$multiport --dport $_ -j IFWLOG --log-prefix NEW\n"; + "iptables -A Ifw -m conntrack --ctstate NEW -p $proto$multiport --dport $_ -j IFWLOG --log-prefix NEW\n"; } @{$ports_by_proto->{$proto}}; } intersection([ qw(tcp udp) ], [ keys %$ports_by_proto ]), ); --- /etc/ifw/rules.d/psd 2013-01-12 16:48:39.000000000 +0000 +++ psd 2013-06-06 20:31:40.000000000 +0100 @@ -1 +1 @@ -iptables -A Ifw -m state --state NEW,INVALID -m psd --psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports -weight 1 -j IFWLOG --log-prefix SCAN +iptables -A Ifw -m conntrack --ctstate NEW,INVALID -m psd --psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi -ports-weight 1 -j IFWLOG --log-prefix SCAN
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 8225
: 4109