On 4/17/13 5:26 PM, "Dash Four" <mr.dash.f...@googlemail.com> wrote:
>
>> Patch TARGETOPTIONS.patch attached.
>>
>It catches most, but not all "known" targets. "INLINE $FW net ; -j NFLOG
>--name test" for example passes without warning or error being issued.
NFLOG accepts options; I'm not going to parse and validate them.
>
>> Patch INLINECOLON.patch attached.
>>
>Works as expected.
>
>>> 3. How do I specify INLINE in actions (including inline actions)? I
>>> tried using something like 'TEST("-j SECCTX --name test",drop) $FW
>>>net',
>>> bearing in mind that TEST takes 2 parameters - one the INLINE action
>>> parameters (the stuff after ";"); and two - parameter for the AUDIT
>>> action, but I've got shorewall moaning about my double quotes (without
>>> the quotes I also get an error).
>>>
>>> The TEST action consists of this:
>>>
>>> ?IF $1
>>> INLINE ; $1
>>> ?ENDIF
>>> ?IF $2
>>> AUDIT($2)
>>> ?ENDIF
>>>
>>
>> Any use of quoted strings will be a major project to implement.
>>
>OK, I take it there isn't a way for me to specify this (short of using
>parameters without spaces)?
Correct.
>
>On a side note, I've implemented my first proper perl hacks in shorewall
>(Chains.pm, Rules.pm and Accounting.pm all went under the knife) to
>accommodate the new "options" for the iptables custom-code we've been
>using for the past year or so and I am very proud of myself, bearing in
>mind that my perl knowledge was close to nil about 2 hours ago. Peculiar
>language this perl.
You're not the first to make that observation :-)
>
>Another question and I know I asked this earlier, but can't find any
>references to this: How do I get rid of my "xt_CT: No such helper XXX"
>messages appearing in my shorewall startup/restart/reload logs? These
>are very annoying and I don't see a way to shut shorewall up!
Use a capabilities file and set WARNOLDCAPSVERSION=No in shorewall.conf.
-Tom
You do not need a parachute to skydive. You only need a parachute to
skydive twice.
------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Shorewall-devel mailing list
Shorewall-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
