On Thursday 21 July 2011 00:24:10 Tom Eastep wrote: > On 7/20/11 4:14 PM, Steven Jan Springl wrote: > > To get the following rule to work, I applied the LOGMARK patch that you > > wrote for Ed W. > > > > LOG:LOGMARK(info) lan fw tcp 100 > > > > If I change the rule to: > > > > LOG:LOGMARK() lan fw tcp 100 > > > > The following iptables rule is generated: > > > > -A lan2fw -p 6 --dport 100 -m hashlimit --hashlimit-upto > > 4/sec --hashlimit-burst 8 --hashlimit-name lograte --hashlimit-mode dstip > > -j LOGMARK --log-level --log-prefix "Shorewall:la:" > > > > which produces the following messages: > > > > Use of uninitialized value $sublevel in pattern match (m//) > > at /usr/share/shorewall/Shorewall/Config.pm line 2145, <$currentfile> > > line 18. > > > > Use of uninitialized value $sublevel in concatenation (.) or string > > at /usr/share/shorewall/Shorewall/Config.pm line 2149, <$currentfile> > > line 18. > > > > iptables-restore v1.4.11.1: LOGMARK: Bad value for "--log-level" > > option: "--log-prefix" > > Steven, > > I had already changed the LOGMARK implementation to make the parameter > optional (default is 6). See if this doesn't correct that problem. > > Thanks, > -Tom
Tom After applying the patch, I get the following message: ERROR: Invalid log level (LOGMARK()) : /etc/shorewallA/rules (line 18) Steven. ------------------------------------------------------------------------------ 10 Tips for Better Web Security Learn 10 ways to better secure your business today. Topics covered include: Web security, SSL, hacker attacks & Denial of Service (DoS), private keys, security Microsoft Exchange, secure Instant Messaging, and much more. http://www.accelacomm.com/jaw/sfnl/114/51426210/ _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
