On 4/17/13 2:56 PM, "Dash Four" <[email protected]> wrote:
>
>
>Tom Eastep wrote:
>> Patch attached.
>>
>Better, much better! Three minor issues so far:
>
>1.
>rules
>~~~~~
>INLINE $FW net ; -j DROP --name test2
>
>produces
>
>-A fw2net -j DROP --name test2
>
>Maybe the optimiser can check that DROP doesn't have a "name" parameter
>(this is valid for all targets "known" to shorewall - like NFLOG, LOG
>and so on).
Patch TARGETOPTIONS.patch attached.
>
>2.
>rules
>~~~~~
>INLINE:NFLOG(1,0,1) $FW net ; -m mickey-mouse --name test
>
>produces the old "invalid column/value pair (-m)" error, though
>INLINE(NFLOG(1,0,1)) $FW net ; -m mickey-mouse --name test" works as
>expected.
Patch INLINECOLON.patch attached.
>
>3. How do I specify INLINE in actions (including inline actions)? I
>tried using something like 'TEST("-j SECCTX --name test",drop) $FW net',
>bearing in mind that TEST takes 2 parameters - one the INLINE action
>parameters (the stuff after ";"); and two - parameter for the AUDIT
>action, but I've got shorewall moaning about my double quotes (without
>the quotes I also get an error).
>
>The TEST action consists of this:
>
>?IF $1
>INLINE ; $1
>?ENDIF
>?IF $2
>AUDIT($2)
>?ENDIF
Any use of quoted strings will be a major project to implement.
-Tom
You do not need a parachute to skydive. You only need a parachute to
skydive twice.
INLINECOLON.patch
Description: Binary data
------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
