On 11/25/2012 05:00 AM, Mr Dash Four wrote:
>
>>> policy ~~~~~~ $FW net DROP:C_MACRO(info) info
>>>
>>> This time the message is "ERROR: Default Action Macros may not have
>>> parameters"
>>
>> These will have to wait for Beta 2 -- at that point NFLOG() should work
>> as you expect and you can specify 'DROP:C_MACRO(info)' if you want to
>> make simple 'LOG' rules log at the 'info' level.
> Was this missed from the Beta2 announcement or deliberately left out
> and not implemented in this Beta?
No -- it was implemented; I simply neglected to document it.
> Further on this, the man shorewall-policy tells me that the format of the
> POLICY column is:
>
>
> POLICY -
> {ACCEPT|DROP|REJECT|CONTINUE|QUEUE|NFQUEUE[(queuenumber)]|NONE}[:{default-action-or-macro|None}]
> [...]
> If the policy is neither CONTINUE nor NONE then the policy may be followed by
> ":" and one of the following:
> 1. The word "None" or "none". This causes any default action
> defined in shorewall.conf[2](5) to be omitted for this policy.
> 2. The name of a macro. The rules in that macro will be applied
> before the policy is enforced. This does not require USE_ACTIONS=Yes.
The list is incomplete; it should, of course, include an action. It
should go on to say that both actions and macros may include parameters;
in the case of a macro, the single parameter specifies the log level to
be applied to all rules in the macro.
Given that specifying a log level affects all rules in the macro (except
NFLOG and ULOG), I wouldn't recommend specifying a log level.
>
> Should I assume from the above that I can't use actions?
Actions are still allowed.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
