On 7/20/11 4:40 PM, Steven Jan Springl wrote: > On Thursday 21 July 2011 00:24:10 Tom Eastep wrote: >> On 7/20/11 4:14 PM, Steven Jan Springl wrote: >>> To get the following rule to work, I applied the LOGMARK patch that you >>> wrote for Ed W. >>> >>> LOG:LOGMARK(info) lan fw tcp 100 >>> >>> If I change the rule to: >>> >>> LOG:LOGMARK() lan fw tcp 100 >>> >>> The following iptables rule is generated: >>> >>> -A lan2fw -p 6 --dport 100 -m hashlimit --hashlimit-upto >>> 4/sec --hashlimit-burst 8 --hashlimit-name lograte --hashlimit-mode dstip >>> -j LOGMARK --log-level --log-prefix "Shorewall:la:" >>> >>> which produces the following messages: >>> >>> Use of uninitialized value $sublevel in pattern match (m//) >>> at /usr/share/shorewall/Shorewall/Config.pm line 2145, <$currentfile> >>> line 18. >>> >>> Use of uninitialized value $sublevel in concatenation (.) or string >>> at /usr/share/shorewall/Shorewall/Config.pm line 2149, <$currentfile> >>> line 18. >>> >>> iptables-restore v1.4.11.1: LOGMARK: Bad value for "--log-level" >>> option: "--log-prefix" >> >> Steven, >> >> I had already changed the LOGMARK implementation to make the parameter >> optional (default is 6). See if this doesn't correct that problem. >> >> Thanks, >> -Tom > > Tom > > After applying the patch, I get the following message: > > ERROR: Invalid log level (LOGMARK()) : /etc/shorewallA/rules (line 18)
That's what I expected. The syntax shown in the manpage part of the
patch is:
LOGMARK[(<priority>)]
where <priority> is a syslog priority. It doesn't indicate that
<priority> is optional.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ 10 Tips for Better Web Security Learn 10 ways to better secure your business today. Topics covered include: Web security, SSL, hacker attacks & Denial of Service (DoS), private keys, security Microsoft Exchange, secure Instant Messaging, and much more. http://www.accelacomm.com/jaw/sfnl/114/51426210/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
