On Jun 1, 2013, at 9:00 AM, Dash Four <[email protected]> wrote:
> > Tom Eastep wrote: >> On 06/01/2013 08:37 AM, Tom Eastep wrote: >> >> >> I *can* reproduce it if I modify action.IFLOG as follows: >> >> >> ?IF $5 >> $5 >> ?ENDIF >> ?IF $1 >> NFLOG($1,0,1) >> ?ENDIF >> ?IF $2 >> ?SET @chain $3 ? $3 : " " >> ?SET @disposition $4 ? $4 : " " >> LOG:info(tcp_options,ip_options,macdecode,tcp_sequence,uid) >> ?ENDIF >> > You are (partially) right. I do have an extra check for the 5th > parameter at the very beginning and issue a "Drop" (not DROP!): > > ?IF $5 eq 'Drop' > $5 > ?ENDIF > > The above statement is conditional upon $5 being equal to "Drop" and > when I call this action with "IFLOG(-,log1,-,drop,DROP) all all" that > surely won't satisfy the "if" above as "DROP" ain't "Drop", unless > shorewall makes case insensitive comparisons (if so, that certainly > wasn't the case before). The warning is new in 4.5.17 -- the logic surrounding ?IF has not changed. So please send the real action.IFLOG contents and the actual rule in the RELATED section. -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
