Shorewall 5.2.3.6

Further testing of the redirect rules mentioned in a previous thread
seems to indicate that using `!&<interface>` in the `ORIGDEST` column of
the `/etc/shorewall6/rules` file does not cause that rule to exclude
packets with the link-local IP of the gateway as their original destination.

For example...

> DNS(REDIRECT)    lan    53    -    -    -    !&lan

...causes DNS queries to the link-local v6-IP of my gateway's lan
interface to be redirected. But...

> DNS(REDIRECT)    lan    53    -    -    -    !&lan,fe80::blah:blah:blah

..., correctly, does not. Is this intended behavior? The documentation
(shorewall-rules manpage) seems to imply all IPs of the interface are
covered by `&<interface>` but I may be reading too much into it.

-- 
- J Cliff Armstrong
- AKA JadedDragoon
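
The workaround from the message above (listing the link-local address next to `&lan` in `ORIGDEST`), as an added example that is not part of the original post or of Shorewall itself. The function names and the sample `ip` output are constructed for illustration; the interface name `lan` and the rule layout are taken from the message.

```shell
#!/bin/sh
# Build an ORIGDEST exclusion that names the interface's link-local
# address(es) explicitly, next to the &<interface> run-time variable.

# Constructed sample of `ip -6 -o addr show dev lan` output (not real data).
SAMPLE_ADDRS='3: lan    inet6 2001:db8:0:1::1/64 scope global \       valid_lft forever preferred_lft forever
3: lan    inet6 fe80::211:22ff:fe33:4455/64 scope link \       valid_lft forever preferred_lft forever'

# link_local_addrs (hypothetical helper): read `ip -6 -o addr show` lines on
# stdin and print each "scope link" address without its prefix length.
link_local_addrs() {
    awk '{
        for (i = 1; i < NF; i++) {
            if ($i == "inet6") { addr = $(i + 1) }
            if ($i == "scope") { scope = $(i + 1) }
        }
        if (scope == "link" && addr != "") { sub(/\/.*/, "", addr); print addr }
        addr = ""; scope = ""
    }'
}

# origdest_exclusion IFACE (hypothetical helper): print "!&IFACE,<ll>,..."
# from stdin, or plain "!&IFACE" if no link-local address was found.
origdest_exclusion() {
    iface=$1
    list=$(link_local_addrs | paste -s -d, -)
    if [ -n "$list" ]; then
        printf '!&%s,%s\n' "$iface" "$list"
    else
        printf '!&%s\n' "$iface"
    fi
}

# redirect_rule IFACE: the full rules-file line, columns as in the message.
redirect_rule() {
    printf 'DNS(REDIRECT)\t%s\t53\t-\t-\t-\t%s\n' "$1" "$(origdest_exclusion "$1")"
}

# Offline demo on the constructed sample. On a live gateway, feed it real data:
#   ip -6 -o addr show dev lan | redirect_rule lan
printf '%s\n' "$SAMPLE_ADDRS" | redirect_rule lan
```

The generated line hard-codes the link-local address, so it has to be regenerated if that address changes (for example after a NIC replacement).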

