On 09/09/2013 01:18 PM, Steven Jan Springl wrote:
> On Thursday 05 Sep 2013 20:15:05 Tom Eastep wrote:
>
>>
>> New Features:
>>
>> REJECT_ACTION=<action>
>>
>> where <action> is the name of an action that implements your
>> alternative handling. The 'nolog' option is automatically assumed
>> for the named <action> and it is recommended that the 'inline'
>> option be specified for the action in /etc/shorewall/actions.
>>
>
> Tom
>
> In the attached config. when the REJECT_ACTION Reject1 is specified in the
> actions file without the 'inline' option the following error mesages are
> produced:
>
> ERROR: Internal error in Shorewall::Rules::createactionchain at
> /usr/share/shorewall/Shorewall/Rules.pm line 1290 at
> /usr/share/shorewall/Shorewall/Config.pm line 1317
>
> Shorewall::Config::fatal_error('Internal error in
> Shorewall::Rules::createactionchain at /usr...') called at
> /usr/share/shorewall/Shorewall/Config.pm line 1357
>
> Shorewall::Config::assert('') called at
> /usr/share/shorewall/Shorewall/Rules.pm
> line 1290
> Shorewall::Rules::createactionchain('Reject1') called at
> /usr/share/shorewall/Shorewall/Rules.pm line 1311
>
> Shorewall::Rules::use_action('Reject1') called at
> /usr/share/shorewall/Shorewall/Rules.pm line 1823
>
> Shorewall::Rules::use_policy_action('Reject1', 'reject') called at
> /usr/share/shorewall/Shorewall/Rules.pm line 1840
>
> Shorewall::Rules::process_reject_action() called at
> /usr/share/shorewall/Shorewall/Compiler.pm line 855
>
> Shorewall::Compiler::compiler('script', '/var/lib/shorewall/.start',
> 'directory', '/etc/shorewall2A33', 'verbosity', 1, 'timestamp', 0, 'debug',
> ...) called at /usr/share/shorewall/compiler.pl line 145
>
> If 'inline' is not specified are these errors messages expected?No. But rather than try to correct this problem, I think I'll just force the REJECT_ACTION to be inline. Patch attached. Thanks Steven, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm
index 7d8c829..2e3bb54 100644
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@@ -1749,9 +1749,9 @@ sub process_actions() {
while ( read_a_line( NORMAL_READ ) ) {
my ( $action, $options ) = split_line 'action file' , { action => 0, options => 1 };
- my $type = ACTION;
+ my $type = ( $action eq $config{REJECT_ACTION} ? INLINE : ACTION );
my $noinline = 0;
- my $nolog = ( $action eq $config{REJECT_ACTION} ) || 0;
+ my $nolog = ( $type == INLINE ) || 0;
my $builtin = 0;
if ( $action =~ /:/ ) {
@@ -1812,7 +1812,7 @@ sub process_actions() {
if ( my $action = $config{REJECT_ACTION} ) {
my $type = $targets{$action};
fatal_error "REJECT_ACTION ($action) was not defined" unless $type;
- fatal_error "REJECT_ACTION ($action) is not an action" unless $type & (ACTION | INLINE);
+ fatal_error "REJECT_ACTION ($action) is not an action" unless $type == INLINE;
}
}
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
