On 04/20/2013 02:25 PM, Dash Four wrote: > > Tom Eastep wrote: >> >> "!" is useful in the following rule: >> >> NFACCT(all) - +fooset[src] +barset[dst](foobar) >> >> In this rule, the 'all' nfacc counter is incremented >> unconditionally while the foobar counter is only incremented if >> the packet SOURCE address is in fooset and the DEST address is in >> barset. >> > There is no "!" after NFACCT(all).
Oops -- thanks.
>
>> New Features:
>>
>> 1) The INLINE action is also supported in the accounting file. INLINE
>> is treated the same as COUNT with the exception that the freeform
>> iptables input following the ';' is appended to any matches
>> generated by the column contents. In the accounting file, INLINE
>> does not accept a parameter.
>>
> Is there an "automatic" addition of nfacct objects implemented in INLINE
> ("nfacct add <obj>")? For example:
>
> INLINE ; -m nfacct --nfacct-name test
>
> With the above, do I have to manually add "test" or is there some magic
> shorewall could do to automate that?
It happens automatically.
>
>> This change will cause the order of matches in iptables rules to be
>> different from in previously releases. Please report any
>> differences that you find that are not simple match reorderings.
>>
> I'll have more time to test this if not later on, then tomorrow.
Thanks,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
