On 9/16/12 3:05 PM, Steven Jan Springl wrote: > The following rules file entry: > > ACCEPT fw dmz tcp 22 - - - : > > generates the following iptables rule: > > -A fw2dmz -p 6 --dport 22 -m owner -j ACCEPT > > which produces the following error message: > > iptables v1.4.15: owner: At least one of --uid-owner, --gid-owner or --socket- > exists is required
The attached patch resolves this issue. Thanks, Steven. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Chains.pm
b/Shorewall/Perl/Shorewall/Chains.pm
index 78a8669..1797cea 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -4326,7 +4326,7 @@ sub do_user( $ ) {
require_capability 'OWNER_MATCH', 'A non-empty USER column', 's';
- assert ( $user =~ /^(!)?(.*?)(:(.*))?$/ );
+ assert( $user =~ /^(!)?(.*?)(:(.+))?$/ );
my $invert = $1 ? '! ' : '';
my $group = supplied $4 ? $4 : '';
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://ad.doubleclick.net/clk;258768047;13503038;j? http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
