[1:root@elmo shorewall 148]$ rpm -q shorewall
shorewall-4.6.11.1-2.fc22.noarch
I'm trying to log any unmatched esp traffic in the mangle table and getting an
error:
Checking /etc/shorewall/mangle...
ERROR: LOG requires a level /etc/shorewall/mangle (line 63)
params:
MY_LOG_HASHLIMIT="-m hashlimit --hashlimit-upto 3/min --hashlimit-burst 2
--hashlimit-name lograte --hashlimit-mode srcip
--hashlimit-htable-expire 60000"
mangle (all four INLINEs fail):
CONTINUE:P - - esp { test=!0/$CONNMASK }
#INLINE:P - - esp ; -j LOG --log-level 4 --log-prefix "Unknown esp
partner"
#INLINE:P - - esp ; -j LOG --log-level warning --log-prefix "Unknown
esp partner" $MY_LOG_HASHLIMIT
INLINE:P - - esp ; -j LOG --log-level 4 --log-prefix "Unknown esp
partner" $MY_LOG_HASHLIMIT
#INLINE:P - - esp ; $MY_LOG_HASHLIMIT -j LOG --log-level 4
--log-prefix "Unknown esp partner"
Also getting an error when I try to use DROP:
Checking /etc/shorewall/mangle...
ERROR: Invalid ACTION (DROP) /etc/shorewall/mangle (line 61)
mangle:
DROP:P - - esp
I can't seem to find the magical incantation to achieve this.
Also, can the compiler trigger an error when there is a lone underscore
(\s_[\s$])? I've had
had a problem a couple of times where I typed an underscore instead of a dash.
Happy New Year,
Bill
------------------------------------------------------------------------------
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
