Re: [Shorewall-devel] Shorewall 4.5.10 Beta 3

Sun, 02 Dec 2012 07:12:15 -0800 

On 12/01/2012 05:29 PM, Tom Eastep wrote:


4. Further to the "forbidden or not" discussion earlier, I am not sure
whether the above can be considered a bug, but, at the very least,
there
seems to be inconsistency in reporting of errors/allowing inlined
actions. The following actions appear on the "forbidden" list, but are
allowed in for invocation inline: Broadcast*, Invalid, RST and
TCPFlags*

In case where DropSmurfs is used inline, the error I am getting is
"ERROR: Bareword "IPv6_MULTICAST" not allowed while "strict subs" in
use
at /usr/share/shorewall/action.DropSmurfs line 80" instead of the
"ERROR: Invalid Action (XXX) in inline action"

* - This invocation is translated to a straight jump (-j
<action_name>)
- inline - instead of emitting an error message.


This is a non-issue now that 'inline' is ignored for these actions.

Please elaborate.


My post of this afternoon explained that in RC 1, the compile will ignore
(with a warning), 'inline' on one of these actions. So I don't believe
that there is any inconsistency once that release is available.



Ah -- but there was a bug in action.DropSmurfs; patch attached.

Thanks,
-Tom
--
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

diff --git a/Shorewall/action.DropSmurfs b/Shorewall/action.DropSmurfs
index 100daa2..4767128 100644
--- a/Shorewall/action.DropSmurfs
+++ b/Shorewall/action.DropSmurfs
@@ -16,6 +16,7 @@ DEFAULTS -
 ?BEGIN PERL;
 use strict;
 use Shorewall::Config qw(:DEFAULT F_IPV4 F_IPV6);
+use Shorewall::IPAddrs qw( IPv6_MULTICAST );
 use Shorewall::Chains;
 use Shorewall::Rules;
 

------------------------------------------------------------------------------
Keep yourself connected to Go Parallel: 
DESIGN Expert tips on starting your parallel project right.
http://goparallel.sourceforge.net/
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel

Reply via email to