>>>> AllowICMPs(audit) - - icmp >>>> DropUPnP(audit) >>>> DropDNSrep(audit) >>>> >>>> So, shouldn't the above be A_ACCEPT and A_DROP instead of ACCEPT and >>>> DROP then? >>>> >>>> >>> No -- not unless you have modified the macros like I suggested in an >>> earlier post. >>> >>> >> So, in other words, specifying "audit" in the above 3 macros is >> completely meaningless then? >> > > You are an output-only device which I'm now shutting off for the night. > Yeah, as if!
If I understood you correctly, your earlier "suggestion" was this: > I would > > [...] > - Modify the copy as needed. You might also need to copy macros like > macro.SMB that are invoked by the action if you want audited copies of those > as well > So, in order to make a default action fully accept "audit" (something you claim is now "supported" in .20-Beta3) I have to 1) find out what macros these default actions depend on; 2) decide (by means of testing) which of those macros support "audit" and which do not; 3) copy, then edit, then change those macros that do not support "audit"; 4) edit my actions file to reflect these changes I have just made and finally 5) change my shorewall.conf to add these newly-defined "custom actions" in? Right! Do you think I have the word "Goofy" imprinted on my forehead by any chance? ------------------------------------------------------------------------------ vRanger cuts backup time in half-while increasing security. With the market-leading solution for virtual backup and recovery, you get blazing-fast, flexible, and affordable data protection. Download your free trial now. http://p.sf.net/sfu/quest-d2dcopy1 _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
