On 4/10/13 7:59 PM, Tom Eastep wrote: > On 4/10/13 7:12 PM, "Mr Dash Four" <[email protected]> wrote: > >> >>> Yep, that did the trick. I am going to do a (very) light testing and >>> will continue tomorrow as I ran out of time... >> 1. >> >> rules >> ~~~~~ >> INLINE $FW net ; -m mickey-mouse --name test >> >> produces: >> >> [...] >> :INLINE - [0:0] >> [...] >> -A INLINE -m mickey -mouse --name test >> >> 2. >> >> rules >> ~~~~~ >> INLINE $FW:10.1.1.1 net:+mickey-mouse ; -m mickey-mouse --name test >> >> produces: >> >> [...] >> :INLINE - [0:0] >> [...] >> -A fw2net -j INLINE >> -A fw2net -s 10.1.1.1 -m set --match-set mickey-mouse dst -j INLINE >> >> Ignoring the above lines, shouldn't I get an error instead? >> >> 3. >> >> rules >> ~~~~~ >> INLINE $FW net tcp ; --dport 1234 -m mickey-mouse --name test >> >> produces: >> >> [...] >> :INLINE - [0:0] >> [...] >> -A INLINE --dport 1234 -m mickey -mouse --name test >> >> 4. >> >> rules >> ~~~~~ >> INLINE $FW net tcp - ; -p 17 --dport 2345 -j SECCTX --name test >> >> produces: >> >> [...] >> :INLINE - [0:0] >> [...] >> -A INLINE -p 17 --dport 2345 -j SECCTX --name test >> >> 5. >> >> rules >> ~~~~~ >> INLINE $FW net - - ; -j SECCTX --name test >> >> produces: >> >> -A fw2net -j SECCTX --name test >> >> which is correct, but shouldn't that produce an error as there are 2 >> trailing dashes (-) before ";"? More thorough testing tomorrow... > > Yep -- there are significant issues. Don't test more until Beta 3. >
Although some of the issues are corrected by this simple patch. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/action.INLINE b/Shorewall/action.INLINE index 943f233..85dfe3b 100644 --- a/Shorewall/action.INLINE +++ b/Shorewall/action.INLINE @@ -10,6 +10,7 @@ DEFAULTS - ?BEGIN PERL; use strict; +use Shorewall::Config; use Shorewall::Chains; use Shorewall::Rules; @@ -20,6 +21,8 @@ add_rule( $chainref, $rule, '' ); allow_optimize( $chainref ); +?set @1 0 + ?END PERL;
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
