Re: [Shorewall-users] SECMARK and CONNSECMARK support in Shorewall

Hi, Tom,

Further to my previous post, I managed to load my ipsets manually
(through a shell script), but shorewall still refuses to start and I get
the following error:

ERROR: An ipset name (+blacklist-chinese-banned) is not allowed in this
context: /etc/shorewall/blacklist (line 11)

The line in question in my blacklist file contains this:

+blacklist-chinese-banned - - to

There are about 8 lines similar to this, though the above is the first
one. What's wrong? I had this working before, though I adopted the new
syntax (with the 'to'/'from' options) and changed to the above format.

------------------------------------------------------------------------------
This SF.net Dev2Dev email is sponsored by:

Show off your parallel programming skills.
Enter the Intel(R) Threading Challenge 2010.
http://p.sf.net/sfu/intel-thread-sfd
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

• This message: [ Message body ]
• Next message: Tom Eastep: "Re: [Shorewall-users] SECMARK and CONNSECMARK support in Shorewall"
• Previous message: Tom Eastep: "Re: [Shorewall-users] SECMARK and CONNSECMARK support in Shorewall"
• Maybe in reply to: Mr Dash Four: "[Shorewall-users] SECMARK and CONNSECMARK support in Shorewall"
• Next in thread: Tom Eastep: "Re: [Shorewall-users] SECMARK and CONNSECMARK support in Shorewall"
• Reply: Tom Eastep: "Re: [Shorewall-users] SECMARK and CONNSECMARK support in Shorewall"
• Reply: Tom Eastep: "Re: [Shorewall-users] SECMARK and CONNSECMARK support in Shorewall"
• Reply: Tom Eastep: "Re: [Shorewall-users] SECMARK and CONNSECMARK support in Shorewall"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]