> You simply specify the macro name in the POLICY file.

Doesn't seem to work.

macro.C_MACRO
~~~~~~~~~~~~~
LOG
LOG:NFLOG(1,0,1)
LOG:NFLOG(2,0,1)

policy
~~~~~~
$FW net DROP:C_MACRO info

I am getting "ERROR: LOG requires a log level"

policy
~~~~~~
$FW net DROP:C_MACRO:info info

This time I am getting "ERROR: Invalid default action (C_MACRO:info)"

policy
~~~~~~
$FW net DROP:C_MACRO(info) info

This time the message is "ERROR: Default Action Macros may not have parameters"

Finally, one question and a suggestion: suppose I would like to conditionally dump packets on both sides of a connection initiated from outside. For the incoming part I know I should put the appropriate NFLOG statement in the NEW section. The tricky bit (at least for me anyway) is what to do on the outgoing side, particularly when the connection is already established (I *do* wish to dump every packet regardless of the connection tracking state, including the UNTRACKED ones).

Should I then place the appropriate statement in the ALL section of the rules file? Would that execute prior to the connection tracking state matches (NEW, RELATED, ESTABLISHED)? Do these types of statements (in the ALL section) go after the blacklists and the various tcp flag/smurfs and all other checks shorewall has put in place?

The suggestion: from what I can gather, currently there isn't a stand-alone AUDIT statement in the way there are LOG and NFLOG ones. Would it be possible to include one? The type specified in that AUDIT statement (accept, drop and reject) is largely irrelevant as far as iptables go (they do have significance in the audit facility though).

The reason I ask this is because if I had this, I could add the AUDIT log target to my custom macro/action when auditing of packets (*without* explicitly dropping/rejecting/accepting them) is needed, along with LOG/NFLOG targets.

_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
