Re: [Shorewall-devel] Shorewall 4.5.16 Beta 2

Wed, 10 Apr 2013 16:09:27 -0700 

On 04/10/2013 02:27 PM, Steven Jan Springl wrote:

> In the attached config. blrules entry:
> 
> blacklog  lan:1.1.1.0/24  all  icmp  8
> 
> Produces the following error message:
> 
> ERROR: Unknown rule target (A_DROP) /etc/shorewall2A25/blrules (line 16)
> 
> Note, this worked in 4.5.16-Beta1 and prior releases.

It didn't produce an error in earlier releases but it didn't generate
correct rules either :-( I suspect that you may find more cases.

Patch attached.

Thanks Steven!

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm
index 10cead5..e07c6f1 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -2516,6 +2516,9 @@ sub ensure_audit_blacklog_chain( $$$ ) {
 	log_rule_limit( $level , $logchainref , 'blacklst' , $disposition , "$globals{LOGLIMIT}" , '', 'add',	'' );
 
 	add_ijump( $logchainref, j => 'AUDIT', targetopts => '--type ' . lc $target );
+
+	$target =~ s/^A_//;
+ 
 	add_ijump( $logchainref, g => $target );
     }
 
diff --git a/Shorewall/Perl/Shorewall/Misc.pm b/Shorewall/Perl/Shorewall/Misc.pm
index 9db89cd..85a5469 100644
--- a/Shorewall/Perl/Shorewall/Misc.pm
+++ b/Shorewall/Perl/Shorewall/Misc.pm
@@ -1165,7 +1165,7 @@ sub setup_mac_lists( $ ) {
     my $target      = $globals{MACLIST_TARGET};
     my $level       = $config{MACLIST_LOG_LEVEL};
     my $disposition = $config{MACLIST_DISPOSITION};
-    my $audit       = $disposition =~ s/^A_//;
+    my $audit       = ( $disposition =~ s/^A_// );
     my $ttl         = $config{MACLIST_TTL};
 
     progress_message2 "$doing MAC Filtration -- Phase $phase...";

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Shorewall-devel mailing list
Shorewall-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-devel

Reply via email to