Re: [Shorewall-devel] Shorewall 4.4.17 RC 1

[Tom Eastep]

On 2/8/11 3:53 PM, Steven Jan Springl wrote:

> 
> It catches all of them except:
> 
> ACCOUNT(net2lan,192.168.0.0/24)  NFLOG  eth0  eth1
> 
> and an additional one:
> 
> ACCOUNT(net2lan,192.168.0.0/24)  RETURN  eth0  eth1

Steven,

Please back out the prior patch and replace it with the attached.

Thanks!
-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

diff --git a/Shorewall/Perl/Shorewall/Chains.pm 
b/Shorewall/Perl/Shorewall/Chains.pm
index 65f9d76..bd71b7c 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -1270,7 +1270,7 @@ sub ensure_accounting_chain( $$ )
        fatal_error "Non-accounting chain ($chain) used in an accounting rule" 
unless $chainref->{accounting};
     } else {
        fatal_error "Chain name ($chain) too long" if length $chain > 29;
-       fatal_error "Invalid Chain name ($chain)" unless $chain =~ /^[-\w]+$/;
+       fatal_error "Invalid Chain name ($chain)" if $builtin_target{$chain} || 
! $chain =~ /^[-\w]+$/;
        $chainref = new_chain 'filter' , $chain;
        $chainref->{accounting} = 1;
        $chainref->{referenced} = 1;
@@ -1359,7 +1359,7 @@ sub new_nat_chain($) {
 sub new_manual_chain($) {
     my $chain = $_[0];
     fatal_error "Chain name ($chain) too long" if length $chain > 29;
-    fatal_error "Invalid Chain name ($chain)" unless $chain =~ /^[-\w]+$/;
+    fatal_error "Invalid Chain name ($chain)" if $builtin_target{$chain} || ! 
$chain =~ /^[-\w]+$/;
     fatal_error "Duplicate Chain Name ($chain)" if $targets{$chain} || 
$filter_table->{$chain};
     $targets{$chain} = CHAIN;
     ( my $chainref = ensure_filter_chain( $chain, 0) )->{manual} = 1;

signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find and fix more than 250 security defects in the development cycle.
Locate bottlenecks in serial and parallel code that limit performance.
http://p.sf.net/sfu/intel-dev2devfeb
_______________________________________________
Shorewall-devel mailing list
Shorewall-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-devel