On 4/11/13 5:17 PM, "Tom Eastep" <teas...@shorewall.net> wrote:
>On 4/11/13 4:07 PM, "Mr Dash Four" <mr.dash.f...@googlemail.com> wrote: >> >>4. >>rules >>~~~~~ >>INLINE $FW net tcp - 2345 ; -j SSS --dport 1234 -m mouse --name test2 >> >>produces >> >>-A fw2net -p 6 --dport 1234 --sport 2345 -m mouse --name test2 -j SSS >> >>Shouldn't the above raise an error as after the "-j" everything should >>be considered parameters to the target specified - SSS in the above >>example? >> >>Not that I am complaining, because "-m" normally indicates the start of >>a match and "--dport" is also a "standard" match as well, so I suspect >>shorewall parses everything after ";" (and does that pretty well, it >>seems), which is illustrated by this test case: >> >>rules >>~~~~~ >>INLINE $FW net tcp - 2345 ; -j SSS --test2 1234 -m mouse --name test2 >> >>produces >> >>-A fw2net -p 6 --sport 2345 -m mouse --name test2 -j SSS --test2 1234 > >I think that I'll leave this as it is. Shorewall understands --dport which >is why this works the way it does. And it understands '-m', of course. -Tom You do not need a parachute to skydive. You only need a parachute to skydive twice. ------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter _______________________________________________ Shorewall-devel mailing list Shorewall-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-devel
