Has firewall.state been shipped yet? Jiri Popelka <jpopelka@xxxxxxxxxx> wrote: >On 09/30/2013 05:42 PM, Jiri Popelka wrote: >> <direct> >> [ <rule ipv="ipv4" table="filter" chain="FORWARD_direct" >> priority="0"> -m mark ! --mark 1/1 -j NFQUEUE </rule> ] > >Without the [ and ] (no idea how it got there). > >So once again: > ><?xml version="1.0" encoding="utf-8"?> ><direct> > <rule ipv="ipv4" table="filter" chain="FORWARD_direct" priority="0"> >-m mark ! --mark 1/1 -j NFQUEUE </rule> > <rule ipv="ipv4" table="nat" chain="PREROUTING_direct" priority="0"> >-p tcp --dport 80 -j DNAT --to 192.168.1.2:3129 </rule> > <rule ipv="ipv4" table="nat" chain="OUTPUT_direct" priority="0"> >-p tcp --dport 80 -m owner --gid-owner squid -j ACCEPT </rule> > <rule ipv="ipv4" table="nat" chain="OUTPUT_direct" priority="1"> >-p tcp --dport 80 -m owner --uid-owner squid -j ACCEPT </rule> > <rule ipv="ipv4" table="nat" chain="OUTPUT_direct" priority="2"> >-p tcp --dport 3129 -m owner --uid-owner squid -j ACCEPT </rule> > <rule ipv="ipv4" table="nat" chain="OUTPUT_direct" priority="3"> >-p tcp --dport 80 -j REDIRECT --to-ports 3129 </rule> ></direct> > >-- >Jiri > >-- >security mailing list >security@xxxxxxxxxxxxxxxxxxxxxxx >https://admin.fedoraproject.org/mailman/listinfo/security -- security mailing list security@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/security
