Tom To get the following rule to work, I applied the LOGMARK patch that you wrote for Ed W.
LOG:LOGMARK(info) lan fw tcp 100 If I change the rule to: LOG:LOGMARK() lan fw tcp 100 The following iptables rule is generated: -A lan2fw -p 6 --dport 100 -m hashlimit --hashlimit-upto 4/sec --hashlimit-burst 8 --hashlimit-name lograte --hashlimit-mode dstip -j LOGMARK --log-level --log-prefix "Shorewall:la:" which produces the following messages: Use of uninitialized value $sublevel in pattern match (m//) at /usr/share/shorewall/Shorewall/Config.pm line 2145, <$currentfile> line 18. Use of uninitialized value $sublevel in concatenation (.) or string at /usr/share/shorewall/Shorewall/Config.pm line 2149, <$currentfile> line 18. iptables-restore v1.4.11.1: LOGMARK: Bad value for "--log-level" option: "--log-prefix" Steven. ------------------------------------------------------------------------------ 10 Tips for Better Web Security Learn 10 ways to better secure your business today. Topics covered include: Web security, SSL, hacker attacks & Denial of Service (DoS), private keys, security Microsoft Exchange, secure Instant Messaging, and much more. http://www.accelacomm.com/jaw/sfnl/114/51426210/ _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
