> You are using ${0} -- if you use @{0} then it works (but you will need
> to wait until RC 1; in Beta3, just use @).
>
> Within a SWITCH, @{0} (@ in Beta 3) expands to the name of the current
> chain with non-alphanumeric characters except '_' and '-' suppressed.
> ${0} always expands to the full name of the chain.
Is this behaviour explained/documented anywhere, particularly the distinction
between '@' and '$0'? Substituting $0 with @ does indeed work.
>> 4. Further to the "forbidden or not" discussion earlier, I am not sure
>> whether the above can be considered a bug, but, at the very least, there
>> seems to be inconsistency in reporting of errors/allowing inlined
>> actions. The following actions appear on the "forbidden" list, but are
>> allowed in for invocation inline: Broadcast*, Invalid, RST and TCPFlags*
>>
>> In case where DropSmurfs is used inline, the error I am getting is
>> "ERROR: Bareword "IPv6_MULTICAST" not allowed while "strict subs" in use
>> at /usr/share/shorewall/action.DropSmurfs line 80" instead of the
>> "ERROR: Invalid Action (XXX) in inline action"
>>
>> * - This invocation is translated to a straight jump (-j <action_name>)
>> - inline - instead of emitting an error message.
>
> This is a non-issue now that 'inline' is ignored for these actions.
Please elaborate.
>
>> 5. Minor issue, which could be improved upon as far as optimisation of
>> inline actions goes:
>>
>> rules
>> ~~~~~
>> circ1(dropBcast) $FW net
>> dropBcast $FW net
>>
>> generates something like:
>>
>> :~comb2 [0:0]
>> [...]
>> -A fw2net -j ~comb2
>> -A fw2net -j ~comb2
>> [...]
>> -A ~comb2 -m addrtype --dst-type BROADCAST -j DROP
>> -A ~comb2 -d 224.0.0.0/4 -j DROP
>>
>> Both statements for "-A fw2net ..." above should have been combined into
>> a single one.
>
> Doesn't setting OPTIMIZE=31 remove the duplicate rule?
No.
------------------------------------------------------------------------------
Keep yourself connected to Go Parallel:
DESIGN Expert tips on starting your parallel project right.
http://goparallel.sourceforge.net/
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
