On 5/23/11 4:12 PM, Steven Jan Springl wrote: > The attached config. produces the following error message: > > ERROR: Internal error in Shorewall::Chains::new_chain > at /usr/share/shorewall/Shorewall/Chains.pm line 1200 > > ----------------------------------------------------------------------------------------------- > > In the attached config action.sjs contains 2 PERMIT statements. > If the first is commented out and the second uncommented the following error > messages are produced: > > Use of uninitialized value in numeric gt (>) > at /usr/share/shorewall/Shorewall/Chains.pm line 814. > > ERROR: Internal error in Shorewall::Chains::decrement_reference_count > at /usr/share/shorewall/Shorewall/Chains.pm line 814
Steven, I believe that the attached patch corrects both problems. It will apply with offsets. -Tom PS -- I think this is an existing issue not related to 4.4.20. -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Chains.pm
b/Shorewall/Perl/Shorewall/Chains.pm
index e47dd09..ee3a3c7 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -1590,6 +1590,8 @@ sub initialize_chain_table()
new_builtin_chain 'mangle', $chain, 'ACCEPT';
}
}
+
+ dont_move new_standard_chain 'reject';
}
#
diff --git a/Shorewall/Perl/Shorewall/Misc.pm b/Shorewall/Perl/Shorewall/Misc.pm
index 8bd3f2c..a1211b5 100644
--- a/Shorewall/Perl/Shorewall/Misc.pm
+++ b/Shorewall/Perl/Shorewall/Misc.pm
@@ -437,7 +437,7 @@ sub add_common_rules() {
my $state = $config{BLACKLISTNEWONLY} ? $globals{UNTRACKED} ? "-m
state --state NEW,INVALID,UNTRACKED " : "$globals{STATEMATCH} NEW,INVALID " :
'';
my $level = $config{BLACKLIST_LOGLEVEL};
- my $rejectref = dont_move new_standard_chain 'reject';
+ my $rejectref = $filter_table->{reject};
if ( $config{DYNAMIC_BLACKLIST} ) {
add_rule_pair dont_delete( new_standard_chain( 'logdrop' ) ), ' ' ,
'DROP' , $level ;
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ vRanger cuts backup time in half-while increasing security. With the market-leading solution for virtual backup and recovery, you get blazing-fast, flexible, and affordable data protection. Download your free trial now. http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
