设立岸墙动态区域,http://shorewall.net/Dynamic.htmlshorewall show dynamic zone显示zone 是您的区域之一的命令。我可以让add和delete命令运行,但不能运行show dynamic命令。
这是一个 shell 会话,其输出ipset list证明这些项目确实存在。
$ ipset list CPREM_br0
Name: CPREM_br0
Type: hash:ip
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 16520
References: 66
Members:
192.168.85.153
$ shorewall add br0:192.168.85.200 CPREM
Host br0:192.168.85.200 added to zone CPREM
$ shorewall show dynamic CPREM
$ ipset list CPREM_br0
Name: CPREM_br0
Type: hash:ip
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 16536
References: 66
Members:
192.168.85.153
192.168.85.200
$ shorewall delete br0:192.168.85.200 CPREM
Host br0:192.168.85.200 deleted from zone CPREM
$ ipset list CPREM_br0
Name: CPREM_br0
Type: hash:ip
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 16536
References: 66
Members:
192.168.85.153
我使用的是 Ubuntu 12.04(4.4.26.1-1)的打包版本