On Wed, 2011-07-20 at 21:29 +0100, Steven Jan Springl wrote: > Rule: > > ACCEPT lan fw tcp !987 > > generates the following ipatbles rule: > > -A lan2fw -p 6 --dport ! 987 -j ACCEPT > > which produces the following message: > > Using intrapositioned negation (`--option ! this`) is deprecated in favor of > extrapositioned (`! --option this`).
Steven, This seems to fix it. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm
index bae080e..b1b548d 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -756,8 +756,9 @@ sub format_rule( $$;$ ) {
if ( exists $ruleref->{$_} ) {
my $value = $ruleref->{$_};
+ $rule .= ' !' if $value =~ s/^! //;
+
if ( length == 1 ) {
- $rule .= ' !' if $value =~ s/^! //;
$rule .= join( '' , ' -', $_, ' ', $value );
} else {
$rule .= join( '' , ' --', $_, ' ', $value );
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ 10 Tips for Better Web Security Learn 10 ways to better secure your business today. Topics covered include: Web security, SSL, hacker attacks & Denial of Service (DoS), private keys, security Microsoft Exchange, secure Instant Messaging, and much more. http://www.accelacomm.com/jaw/sfnl/114/51426210/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
