On Jun 1, 2013, at 9:05 AM, Tom Eastep <[email protected]> wrote:
> > On Jun 1, 2013, at 9:00 AM, Dash Four <[email protected]> wrote: > >> >> Tom Eastep wrote: >>> On 06/01/2013 08:37 AM, Tom Eastep wrote: >>> >>> >>> I *can* reproduce it if I modify action.IFLOG as follows: >>> >>> >>> ?IF $5 >>> $5 >>> ?ENDIF >>> ?IF $1 >>> NFLOG($1,0,1) >>> ?ENDIF >>> ?IF $2 >>> ?SET @chain $3 ? $3 : " " >>> ?SET @disposition $4 ? $4 : " " >>> LOG:info(tcp_options,ip_options,macdecode,tcp_sequence,uid) >>> ?ENDIF >>> >> You are (partially) right. I do have an extra check for the 5th >> parameter at the very beginning and issue a "Drop" (not DROP!): >> >> ?IF $5 eq 'Drop' >> $5 >> ?ENDIF >> >> The above statement is conditional upon $5 being equal to "Drop" and >> when I call this action with "IFLOG(-,log1,-,drop,DROP) all all" that >> surely won't satisfy the "if" above as "DROP" ain't "Drop", unless >> shorewall makes case insensitive comparisons (if so, that certainly >> wasn't the case before). > > > The warning is new in 4.5.17 -- the logic surrounding ?IF has not changed. > > So please send the real action.IFLOG contents and the actual rule in the > RELATED section. Also, if you have defined your own action.Drop, then I would need to see it too. Because if it terminates with an unconditional DROP and has no CONTINUE rules, then the jump to 'Drop' will terminate the current chain and any additional rules in that chain are unreachable. -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
