>> policy ~~~~~~ $FW net DROP:C_MACRO(info) info
>>
>> This time the message is "ERROR: Default Action Macros may not have
>> parameters"
>
> These will have to wait for Beta 2 -- at that point NFLOG() should work
> as you expect and you can specify 'DROP:C_MACRO(info)' if you want to
> make simple 'LOG' rules log at the 'info' level.
Was this missed from the Beta2 announcement or deliberately left out and not
implemented in this Beta? Further on this, the man shorewall-policy tells me
that the format of the POLICY column is:
POLICY -
{ACCEPT|DROP|REJECT|CONTINUE|QUEUE|NFQUEUE[(queuenumber)]|NONE}[:{default-action-or-macro|None}]
[...]
If the policy is neither CONTINUE nor NONE then the policy may be followed by
":" and one of the following:
1. The word "None" or "none". This causes any default action
defined in shorewall.conf[2](5) to be omitted for this policy.
2. The name of a macro. The rules in that macro will be applied
before the policy is enforced. This does not require USE_ACTIONS=Yes.
Should I assume from the above that I can't use actions? If so,
"default-action-or-macro" should just be "default-macro" instead. If that is
not the case, then the format for including custom-or-built-in actions needs to
be defined. All that provided macros are allowed.
------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
