On 4/19/13 3:47 PM, "Dash Four" <mr.dash.f...@googlemail.com> wrote:
> >>> SECTION INPUT >>> NFACCT(all) \ >>> NFACCT(marked) - - - - - 12 \ >>> NFACCT(admin) - - - - - - root \ >>> NFACCT(web) - +web[src,src] >>> >>> The above, if properly "combined" (and, of course, assuming that the >>>"\" >>> symbol activates it) could all be implemented with a single rule: >>> >>> -A accountin -m nfacct --nfacct-name all \ >>> -m mark --mark 0xc -m nfacct --nfacct-name marked \ >>> -m owner --uid-owner 0 -m nfacct --nfacct-name admin \ >>> -m set --match-set web src,src -m nfacct --nfacct-name web >>> >> >> I'll never implement that. >> >It isn't easy, I know. > >>> If implementing this isn't possible or very difficult to do (at least >>> for now), I have another possible alternative - implement INLINE in >>> "accounting". >>> >> >> That I can do. >> >I thought it might be a bit easier than the "\" symbol proposition. It >will give me more freedom too. Patch attached. -Tom You do not need a parachute to skydive. You only need a parachute to skydive twice.
INLINEACCT.patch
Description: Binary data
------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________ Shorewall-devel mailing list Shorewall-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-devel
