Re: [Shorewall-devel] Shorewall 4.4.17 RC 1

Tom Eastep Thu, 10 Feb 2011 13:12:11 -0800

On 2/9/11 5:42 PM, Tom Eastep wrote:

> 
> As I mentioned earlier, the Netfilter team are always busy inventing new
> targets; so we'll never be foolproof on all systems. I've updated the
> accounting manpages with advice to include lower-case, digits, '-' or
> '_' in accounting chain names. I think that is enough.
>


FWIW, I've commited the attached patch for 4.4.18.

Thanks again, Steven, for all of your help.
-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

diff --git a/Shorewall/Perl/Shorewall/Chains.pm 
b/Shorewall/Perl/Shorewall/Chains.pm
index 65f9d76..e81c794 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -326,19 +326,41 @@ our $mode;
 our $family;
 
 #
-# These are the zone-oriented builtin targets
-#
-our %builtin_target = ( ACCEPT   => 1,
-                       REJECT   => 1,
-                       DROP     => 1,
-                       RETURN   => 1,
-                       COUNT    => 1,
-                       DNAT     => 1,
-                       LOG      => 1,
-                       NFLOG    => 1,
-                       QUEUE    => 1,
-                       NFQUEUE  => 1,
-                       REDIRECT => 1 );
+# These are the current builtin targets
+#
+our %builtin_target = ( ACCEPT      => 1,
+                       REJECT      => 1,
+                       DROP        => 1,
+                       RETURN      => 1,
+                       COUNT       => 1,
+                       DNAT        => 1,
+                       LOG         => 1,
+                       NFLOG       => 1,
+                       QUEUE       => 1,
+                       NFQUEUE     => 1,
+                       REDIRECT    => 1,
+                       CLUSTERIP   => 1,
+                       ECN         => 1,
+                       MASQUERADE  => 1,
+                       MIRROR      => 1,
+                       NETMAP      => 1,
+                       SAME        => 1,
+                       SET         => 1,
+                       SNAT        => 1,
+                       TTL         => 1,
+                       ULOG        => 1,
+                       HL          => 1,
+                       CONNMARK    => 1,
+                       CONNSECMARK => 1,
+                       DSCP        => 1,
+                       MARK        => 1,
+                       NOTRACK     => 1,
+                       RATTEST     => 1,
+                       SECMARK     => 1,
+                       TCPOPTSTRIP => 1,
+                       TOS         => 1,
+                       TRACE       => 1,
+                       );
 
 #
 # Rather than initializing globals in an INIT block or during declaration,

signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find and fix more than 250 security defects in the development cycle.
Locate bottlenecks in serial and parallel code that limit performance.
http://p.sf.net/sfu/intel-dev2devfeb

_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel

Re: [Shorewall-devel] Shorewall 4.4.17 RC 1

Reply via email to