On 11/26/2012 06:54 AM, Mr Dash Four wrote: > >> The manpage is wrong (copy/paste error). The rule generator never >> accepts leading semicolons in a SOURCE or DEST. >> >> SOURCE (format 3) - [interface[:address-list]]|[address-list] >> > That explains it. So, the correct syntax for FORMAT 3 would be "DROP:O > +baddies-set" then, right? > >>>>> Why can't you get rid of the ":chain-designator" from ACTION (FORMAT >>>>> 3) and have the following in SOURCE instead: >>>>> >>>> I considered that approach but rejected. >>>> >>>> 1) A chain is not a SOURCE and using a chain-designator in place of >>>> a zone is not intuitive. >>>> >>> You already use "all", "all-" and "$FW" to do the same thing - all >>> you have to do is substitute/add ":PO" instead of/in addition to "all" and >>> do the same for "all-" and "$FW". I am no perl expert, but that can't be >>> very difficult to implement and should not involve "hackery", as you put it. >>> >>> >> >> 'all' and 'all-' have been reserved names from day one and $FW is a >> simple shell variable that expands to the name of a zone. 'PO', 'P' and >> 'O' are not reserved. >> > I still can't fathom why is it so difficult to keep everything in one > place and include chain designator definition as part of SOURCE, not > ACTION, but if that's the route you wish to take, so be it - I'll alter > my own copy later on to do what I want.
It is not difficult; I just think that it is wrong. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
