On 3/14/11 5:04 PM, Steven Jan Springl wrote: > Tom > > Rule: > > ACCEPT net lan icmp , > > produces the following error messages: > > iptables v1.4.10: Invalid ICMP type `-j' > > ERROR: Command "/usr/local/sbin/iptables -A net2lan -p 1 --icmp-type -j > ACCEPT" Failed
The attached patch should fix this. Thanks, Steven -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Chains.pm
b/Shorewall/Perl/Shorewall/Chains.pm
index a9e9360..eebda03 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -2276,7 +2276,7 @@ sub do_proto( $$$;$ )
if ( $ports =~ /,/ ) {
fatal_error "An inverted ICMP list may only contain
a single type" if $invert;
$types = '';
- for my $type ( split /,/, $ports ) {
+ for my $type ( split_list( $ports, 'ICMP type list'
) ) {
$types = $types ? join( ',', $types,
validate_icmp( $type ) ) : $type;
}
} else {
@@ -2300,7 +2300,7 @@ sub do_proto( $$$;$ )
if ( $ports =~ /,/ ) {
fatal_error "An inverted ICMP list may only contain
a single type" if $invert;
$types = '';
- for my $type ( split /,/, $ports ) {
+ for my $type ( list_split( $ports, 'ICMP type list'
) ) {
$types = $types ? join( ',', $types,
validate_icmp6( $type ) ) : $type;
}
} else {
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
