On 2/14/11 9:12 AM, Steven Jan Springl wrote: > When accounting contains: > > COMMENT Hello world > SECTION INPUT > test > test2 test > > The following errors are produced: > > iptables v1.4.10: Couldn't load target > `test2':/usr/local/libexec/xtables/libipt_test2.so: cannot open shared object > file: No such file or directory > > ERROR: Command "/usr/local/sbin/iptables -A INPUT -j test2 -m > comment --comment "Hello world" -m comment --comment "Hello world"" Failed > > Note, if the COMMENT line is removed the error does not occur.
This one-liner seems to remove the bug. Thanks, Steven -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Chains.pm
b/Shorewall/Perl/Shorewall/Chains.pm
index 56ed2bd..aa1e128 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -1896,7 +1896,7 @@ sub optimize_level4( $$ ) {
#
# Chain has a single rule
#
- if ( $firstrule =~ /^-A -[jg] (.*)$/ ) {
+ if ( $firstrule =~ /^-A -[jg] ([^\s])(\s+-m comment
.*)?\s*$/ ) {
#
# Easy case -- the rule is a simple jump
#
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
