On 11/21/2012 06:19 PM, Mr Dash Four wrote:
> It works. You may change the "ERROR: Invalid AUDIT type (XXXXX)"
> message to indicate what type of audit is acceptable
> (accept|reject|drop), but that's a minor thing.

Done.

> Also, personally, I'd prefer this to be "AUDIT" instead of "Audit"
> for consistency with LOG/NFLOG, but these are semantics really.

You caught me being lazy :) I implemented the feature as an external
action rather than as a compiler built-in; that required that the name
be distinct from the Netfilter built-in targets.

The attached patch implements a built-in named AUDIT.

-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm
index 327ce39..b0c92d0 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -2465,6 +2465,7 @@ sub initialize_chain_table($) {
'A_ACCEPT' => STANDARD + AUDIT,
'A_ACCEPT+' => STANDARD + NONAT + AUDIT,
'NONAT' => STANDARD + NONAT + NATONLY,
+ 'AUDIT' => STANDARD,
'DROP' => STANDARD,
'DROP!' => STANDARD,
'A_DROP' => STANDARD + AUDIT,
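Review bot: the new 'AUDIT' entry is registered as plain STANDARD, while the neighbouring A_ACCEPT, A_ACCEPT+ and A_DROP entries carry STANDARD + AUDIT, and the key now has the same name as that flag constant. If leaving the AUDIT flag off is intentional (the Rules.pm part of this patch calls require_capability for AUDIT_TARGET itself), a one-line comment on this entry saying so would stop a later reader from treating it as an omission.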
@@ -2520,6 +2521,7 @@ sub initialize_chain_table($) {
#
%targets = ('ACCEPT' => STANDARD,
'ACCEPT!' => STANDARD,
+ 'AUDIT' => STANDARD,
'DROP' => STANDARD,
'DROP!' => STANDARD,
'REJECT' => STANDARD,
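Review bot: the 'AUDIT' => STANDARD line is added here a second time, to the %targets list, in the same sub as the first hunk, so the two lists must now be kept in step by hand. If the target is meant to be available in both cases unconditionally, consider adding it once after the lists are built, or at least note next to one entry that the other exists.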
diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm
index eddf1b9..80b2fad 100644
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@@ -1841,6 +1841,10 @@ sub process_rule1 ( $$$$$$$$$$$$$$$$$$ ) {
fatal_error "$action rules require a set name parameter" unless $param;
} elsif ( $actiontype & ACTION ) {
split_list $param, 'Action parameter';
+ } elsif ( $basictarget eq 'AUDIT' ) {
+ require_capability ( 'AUDIT_TARGET', 'The AUDIT action', 's' );
+ $param = $param eq '' ? 'drop' : $param;
+ fatal_error "Invalid AUDIT type ($param) -- must be 'accept', 'drop' or 'reject'" unless $param =~ /^(?:accept|drop|reject)$/;
} else {
fatal_error "The $basictarget TARGET does not accept a parameter" unless $param eq '';
}
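Review bot: the validation regex in the new AUDIT branch ends in "$", which in Perl also matches before a trailing newline, and the accepted value is later interpolated into "AUDIT --type $param"; anchoring with \z instead, as in /^(?:accept|drop|reject)\z/, makes the check exact. Two smaller points on the same lines: the match is case-sensitive, so "DROP" is rejected although targets are written in upper case elsewhere (either lower-case $param before matching or say so in the error text), and the silent default to 'drop' when no parameter is given should be stated in the rules documentation.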
@@ -1909,7 +1913,11 @@ sub process_rule1 ( $$$$$$$$$$$$$$$$$$ ) {
$actiontype |= HELPER if $section eq 'NEW';
}
} ,
-
+
+ AUDIT => sub() {
+ $action = "AUDIT --type $param";
+ } ,
+
REDIRECT => sub () {
my $z = $actiontype & NATONLY ? '' : firewall_zone;
if ( $dest eq '-' ) {
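Review bot: the blank line before the new handler is removed and re-added ("-" followed by "+" with no visible text), which is a whitespace-only change and should be dropped from the patch. The handler is also written "sub() {" while the REDIRECT entry directly below uses "sub () {"; matching the existing spacing keeps the dispatch table uniform. A short comment that $param has already been restricted to accept, drop or reject earlier in process_rule1 would help, since the string is built by direct interpolation.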