Tom Eastep wrote: > On 06/01/2013 08:37 AM, Tom Eastep wrote: > > > I *can* reproduce it if I modify action.IFLOG as follows: > > > ?IF $5 > $5 > ?ENDIF > ?IF $1 > NFLOG($1,0,1) > ?ENDIF > ?IF $2 > ?SET @chain $3 ? $3 : " " > ?SET @disposition $4 ? $4 : " " > LOG:info(tcp_options,ip_options,macdecode,tcp_sequence,uid) > ?ENDIF > You are (partially) right. I do have an extra check for the 5th parameter at the very beginning and issue a "Drop" (not DROP!):
?IF $5 eq 'Drop' $5 ?ENDIF The above statement is conditional upon $5 being equal to "Drop" and when I call this action with "IFLOG(-,log1,-,drop,DROP) all all" that surely won't satisfy the "if" above as "DROP" ain't "Drop", unless shorewall makes case insensitive comparisons (if so, that certainly wasn't the case before). ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
