> The manpage is wrong (copy/paste error). The rule generator never > accepts leading semicolons in a SOURCE or DEST. > > SOURCE (format 3) - [interface[:address-list]]|[address-list] > That explains it. So, the correct syntax for FORMAT 3 would be "DROP:O +baddies-set" then, right?
>>>> Why can't you get rid of the ":chain-designator" from ACTION (FORMAT >>>> 3) and have the following in SOURCE instead: >>>> >>> I considered that approach but rejected. >>> >>> 1) A chain is not a SOURCE and using a chain-designator in place of >>> a zone is not intuitive. >>> >> You already use "all", "all-" and "$FW" to do the same thing - all >> you have to do is substitute/add ":PO" instead of/in addition to "all" and >> do the same for "all-" and "$FW". I am no perl expert, but that can't be >> very difficult to implement and should not involve "hackery", as you put it. >> >> > > 'all' and 'all-' have been reserved names from day one and $FW is a > simple shell variable that expands to the name of a zone. 'PO', 'P' and > 'O' are not reserved. > I still can't fathom why is it so difficult to keep everything in one place and include chain designator definition as part of SOURCE, not ACTION, but if that's the route you wish to take, so be it - I'll alter my own copy later on to do what I want. ------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
